savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-help-public] Report of "security bugs"

From: Sylvain Beucler
Subject: Re: [Savannah-help-public] Report of "security bugs"
Date: Sun, 6 Jan 2008 09:26:54 +0100
User-agent: Mutt/1.5.17 (2007-11-01) 
Hi,

These Savannah-related XSS bugs were fixed yesterday.  (Emanuele
alerted other persons about it - #gnu, savannah mailing list).

-- 
Sylvain

On Sun, Jan 06, 2008 at 03:09:37AM -0500, Richard Stallman wrote:
> Please DTRT about this report.
> 
> ------- Start of forwarded message -------
> Message-ID: <address@hidden>
> Date: Sat, 05 Jan 2008 07:17:27 +0100
> From: Emanuele Gentili <address@hidden>
> MIME-Version: 1.0
> To: address@hidden
> Subject: Security bug in gnu.org
> Content-Type: text/plain; charset=ISO-8859-15
> 
> Hello Mr Stallman,
> 
> I was surf in gnu website and i found some security bugs:
> 
> http://www.gnu.org/search/fsd-search.py?q=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
> http://savannah.gnu.org/cookbook/?func=detailitem&comingfrom=23&item_id=%22%3E%3Cscript%3Ealert(420)
> %3C/script%3E
> https://savannah.gnu.org/account/login.php?uri=";><script>alert(document.cookie)</script>
> 
> I'd like contribuite to GNU project, if you think that my contribute is
> good, mail me :P
> 
> 
> Emanuele Gentili
> ------- End of forwarded message -------
reply via email to
[Prev in Thread] Current Thread [Next in Thread]