Search Results: 4262 of 8339 [ <<First <Prev Next> Last>> ] [ Return to Search Results ]


[#4816] XSS via new_lang
Summary XSS via new_lang
Queue Horde Framework Packages
Queue Version HEAD
Type Bug
State Resolved
Priority 2. Medium
Owners
Requester thomas (at) gelf (dot) net
Created 12/28/06 (1310 days ago)
Due
Updated 12/28/06 (1310 days ago)
Assigned
Resolved 12/28/06 (1310 days ago)
Attachments patch2_new_lang_xss.diff Download
Milestone
Patch No

History
12/28/06 Jan Schneider Comment #3
State ⇒ Resolved		 Reply to this comment
I'm not sure how this could be exploited with XSS, but an additional 
check doesn't hurt. Committed, thanks.
12/28/06 Jan Schneider Deleted Attachment: patch1_new_lang_xss.diff
 
12/28/06 thomas (at) gelf (dot) net Comment #2
New Attachment: patch2_new_lang_xss.diff Download		 Reply to this comment
Same thing, different patch
12/28/06 thomas (at) gelf (dot) net Comment #1
New Attachment: patch1_new_lang_xss.diff
Queue ⇒ Horde Framework Packages
State ⇒ Unconfirmed
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ XSS via new_lang		 Reply to this comment
There are no checks for new_lang in NLS.php.



Cheers,

Thomas Gelf