FormFill does not esacpe double quote filled into INPUT fields

  • 7011560
  • 25-Dec-2012
  • 03-Apr-2013


Novell Access Manager 3.1.4
Novell Access Manager 3.1.4 Linux Access Gateway


  • Users which containing one of the following characters in their password will fail on running SSO on with the protected web server: (", $, #, &)

  • FormFill fails on escaping the above mentioned characters

  • user password: = n"vell
  • input field:  <INPUT name='loginpass' id='loginpass' type='password'>
  • Loginform rewritten by FormFill: <input name="loginpass" id="loginpass" type="hidden" value="n"vell">

  • result: password will truncated to: "n


This issue has been addressed to engineering and will be fixed with NAM 3.1 SP5.