Review

Detector:

Findbugs

Target:

project '

uberfire

' version

0.3.1

Tags:

Potential Misuse

Anomaly identified by the detector. Please review whether this anomaly corresponds to a misuse.

Finding:	finding-3
In File:	org/uberfire/server/UberfireServlet.java
In Method:	loadHeader(PrintWriter)
Code with Finding:	`class UberfireServlet { private void loadHeader( PrintWriter writer ) { final String content = (String) TemplateRuntime.execute( headerTemplate ); writer.append( content ); } }`

Hit	Rank	Desc	Type	Violations
Yes	3	SECXSS2: This use of java/io/PrintWriter.append(Ljava/lang/CharSequence;)Ljava/io/PrintWriter; could be vulnerable to XSS	XSS_SERVLET

Reviewer Name:	vidya
Comment: