[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnuheter-dev] [Bug #2890] docs.php XSS
From: |
nobody |
Subject: |
[Gnuheter-dev] [Bug #2890] docs.php XSS |
Date: |
Thu, 03 Apr 2003 06:45:16 -0500 |
=================== BUG #2890: LATEST MODIFICATIONS ==================
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=2890&group_id=2176
Changes by: Ulf Härnhammar <address@hidden>
Date: Thu 04/03/2003 at 11:45 (GMT)
------------------ Additional Follow-up Comments ----------------------------
Den har ar val lagad nu?
=================== BUG #2890: FULL BUG SNAPSHOT ===================
Submitted by: metaur Project: Gnuheter
Submitted on: Fri 03/21/2003 at 11:55
Category: Bug Severity: 5 - Major
Bug Group: None Resolution: None
Assigned to: None Status: Open
Summary: docs.php XSS
Original Submission: docs.php har ett Cross-Site Scripting-problem. Begrunda
följande URL:
http://gnuheter.org/docs.php?config=1&sitename=%3cscript%3ealert%2857%29%3c%2fscript%3e
Det fixas enkelt genom att ändra if (!config) include.. till bara include.
Follow-up Comments
*******************
-------------------------------------------------------
Date: Thu 04/03/2003 at 11:45 By: metaur
Den har ar val lagad nu?
CC list is empty
No files currently attached
For detailed info, follow this link:
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=2890&group_id=2176
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Gnuheter-dev] [Bug #2890] docs.php XSS,
nobody <=