Problem Note 15707: Portal password cannot contain certain characters
The Portal password may not contain certain characters due to the
prevention of cross scripting attacks. These characters, if put into the
password field, are automatically filtered out from the password.
Currently these characters are the following:
" > < ( )
Here is a good description of why the filtering exists for these
characters:
http://www.owasp.org/documentation/topten/a4.html
This site in general is a great one for explanations of web application
vulnerabilities and exploits.
Operating System and Release Information
| Product Family | Product | System | Reported Release | Fixed Release* |
| SAS System | SAS Information Delivery Portal | 64-bit Enabled HP-UX | 2.0 | |
| HP-UX IPF | 2.0 | |
| Microsoft Windows XP Professional | 2.0 | |
| Microsoft Windows XP 64-bit Edition | 2.0 | |
| Microsoft Windows NT Workstation | 2.0 | |
| Microsoft Windows Server 2003 Standard Edition | 2.0 | |
| Microsoft Windows Server 2003 Datacenter Edition | 2.0 | |
| Microsoft® Windows® for 64-Bit Itanium-based Systems | 2.0 | |
| Microsoft Windows Server 2003 Enterprise Edition | 2.0 | |
| Microsoft Windows 2000 Server | 2.0 | |
| Microsoft Windows 2000 Professional | 2.0 | |
| Microsoft Windows 2000 Advanced Server | 2.0 | |
| Microsoft Windows 2000 Datacenter Server | 2.0 | |
| 64-bit Enabled Solaris | 2.0 | |
| Linux on Itanium | 2.0 | |
| z/OS | 2.0 | |
| Linux | 2.0 | |
| OpenVMS Alpha | 2.0 | |
| 64-bit Enabled AIX | 2.0 | |
| Tru64 UNIX | 2.0 | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
| Type: | Problem Note |
| Priority: | medium |
| Topic: | System Administration ==> Servers ==> Portal
|
| Date Modified: | 2006-04-11 16:16:45 |
| Date Created: | 2005-07-06 15:43:26 |
