Tickets :: [#9357] XSS: VCARD attachments

6.0.0-beta1

7/10/25

Summary	XSS: VCARD attachments
Queue	Horde Framework Packages
Queue Version	Git master
Type	Bug
State	Resolved
Priority	3. High
Owners	Horde Developers (at) , jan (at) horde (dot) org
Requester	slusarz (at) horde (dot) org
Created	11/02/2010 (5364 days ago)
Due
Updated	11/18/2010 (5348 days ago)
Assigned
Resolved	11/18/2010 (5348 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch	No

11/18/2010 06:13:38 PM	Michael Slusarz	State ⇒ Resolved

11/18/2010 06:13:33 PM	Git Commit	Comment #5	Reply to this comment
Changes have been made in Git for this ticket: ~~Bug #9357~~: changelog http://git.horde.org/diff.php/horde/docs/CHANGES?rt=horde-git&r1=118be0578b9e8b652ca70b312401a585d9c4b063&r2=fc454915a1829899e463a808516ef42e263ef0e4

11/18/2010 06:12:40 PM	CVS Commit	Comment #4	Reply to this comment
Changes have been made in CVS for this ticket: ~~Bug: 9357~~ [mms] SECURITY: Fix XSS when viewing details of a vCard. http://cvs.horde.org/diff.php/framework/MIME/MIME/Viewer/Attic/vcard.php?rt=horde&r1=1.34.10.27&r2=1.34.10.28&ty=u http://cvs.horde.org/diff.php/horde/docs/CHANGES?rt=horde&r1=1.515.2.639&r2=1.515.2.640&ty=u

11/02/2010 07:53:48 PM	Git Commit	Comment #3	Reply to this comment
Changes have been made in Git for this ticket: ~~Bug #9357~~: XSS fix for VCARD attachments http://git.horde.org/diff.php/framework/Core/lib/Horde/Core/Mime/Viewer/Vcard.php?rt=horde-git&r1=0848333eaff50a30c120e9144736cbd9fb176b56&r2=5e0dc28dfa868f1481181bb604e7c44a0d5dadc4

11/02/2010 07:53:25 PM	Michael Slusarz	Comment #2 (Private)
[Hidden]

11/02/2010 07:51:45 PM	Michael Slusarz	Comment #1 Priority ⇒ 3. High Patch ⇒ No Milestone ⇒ Assigned to Horde Developers Assigned to Jan Schneider Summary ⇒ XSS: VCARD attachments Type ⇒ Bug State ⇒ Assigned Queue ⇒ Horde Framework Packages	Reply to this comment
XSS vulnerability in VCARD attachments. Confirmed in git.