From eae3e8b357d96bff29ce0b3086aed388754feaf2 Mon Sep 17 00:00:00 2001
From: Dominik Mizyn <d.mizyn@samsung.com>
Date: Fri, 18 Oct 2019 14:43:07 +0200
Subject: Security Vulnerability in pom.xml fix

Security Vulnerability in pom.xml fix

Issue-ID: PORTAL-772
Change-Id: I6b0932122b101411b06d371e757918875529b87d
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
---
 .../src/main/java/org/onap/portalapp/util/SecurityXssValidator.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'ecomp-sdk/epsdk-app-common/src/main/java/org/onap')

diff --git a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/util/SecurityXssValidator.java b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/util/SecurityXssValidator.java
index 69807a1c..c964712d 100644
--- a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/util/SecurityXssValidator.java
+++ b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/util/SecurityXssValidator.java
@@ -43,8 +43,8 @@ import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReentrantLock;
 import java.util.regex.Pattern;
 import org.apache.commons.lang.NotImplementedException;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang.StringUtils;
-import org.apache.commons.lang3.StringEscapeUtils;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.owasp.esapi.ESAPI;
@@ -132,7 +132,7 @@ public class SecurityXssValidator {
 
       if (StringUtils.isNotBlank(value)) {
 
-        value = StringEscapeUtils.escapeHtml4(value);
+        value = StringEscapeUtils.escapeHtml(value);
 
         value = ESAPI.encoder().canonicalize(value);
 
-- 
cgit 1.2.3-korg