Comment 1 for bug 917963

Revision history for this message
Thierry Carrez (ttx) wrote : Re: qweb.py (included with ajaxterm) allows arbitrary code execution

Adding PTL and markmc (as it may impact soon-to-be-released 2011.3.1)

Working on checking how exploitable this is, but at first glance I'd agree that this qweb.py is pretty weak.