Summary | XSS vulnerability in Tasks view |
Queue | Kronolith |
Queue Version | Git master |
Type | Enhancement |
State | Resolved |
Priority | 3. High |
Owners | jan (at) horde (dot) org |
Requester | ctimoteo (at) sapo (dot) pt |
Created | 05/10/2012 (4793 days ago) |
Due | |
Updated | 05/15/2012 (4788 days ago) |
Assigned | |
Resolved | 05/12/2012 (4791 days ago) |
Milestone | |
Patch | Yes |
commit 1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
Author: Jan Schneider <jan@horde.org>
Date: Sat May 12 13:32:19 2012 +0200
Escape content (
Bug #11189).kronolith/docs/CHANGES | 2 ++
kronolith/js/kronolith.js | 10 +++++-----
kronolith/package.xml | 2 ++
3 files changed, 9 insertions(+), 5 deletions(-)
http://git.horde.org/horde-git/-/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
Assigned to Jan Schneider
State ⇒ Resolved
for "Horde Developers" visible only.
commit 1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
Author: Jan Schneider <jan@horde.org>
Date: Sat May 12 13:32:19 2012 +0200
Escape content (
Bug #11189).kronolith/docs/CHANGES | 2 ++
kronolith/js/kronolith.js | 10 +++++-----
kronolith/package.xml | 2 ++
3 files changed, 9 insertions(+), 5 deletions(-)
http://git.horde.org/horde-git/-/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2
Priority ⇒ 3. High
New Attachment: kronolith.js.patch.txt
Patch ⇒ Yes
Milestone ⇒
Queue ⇒ Kronolith
Summary ⇒ XSS vulnerability in Tasks view
Type ⇒ Enhancement
State ⇒ New
I detected one possible XSS vulnerability in Kronolith,
In the Task view if i create tasks with some javascript code in task
description,
the javascript code is executed when listing the tasks (or after a toggle),
i provide one patch to solve-it
Goodbye.
--
Carlos Timóteo