Summary | CSRF and XSS in Save search as a virtual address book |
Queue | Turba |
Queue Version | 4.1.2 |
Type | Bug |
State | Resolved |
Priority | 3. High |
Owners | jan (at) horde (dot) org |
Requester | m.benetrix (at) e-secure (dot) com (dot) au |
Created | 10/28/2013 |
Due | 11/02/2013 |
Updated | 10/29/2013 |
Assigned | |
Resolved | 10/29/2013 |
Github Issue Link | |
Github Pull Request | |
Milestone | |
Patch | No |
State ⇒ Resolved
commit 74f9add4ad86c29b608270e33b17426163b3c8cf
Author: Jan Schneider <jan@horde.org>
Date: Tue Oct 29 12:19:06 2013 +0100
Token-protect vbook form (Bug #12803).

 turba/search.php                      | 67 +++++++++++++++++++--------------
 turba/templates/search/vbook.html.php |  1 +
 2 files changed, 40 insertions(+), 28 deletions(-)
http://git.horde.org/horde-git/-/commit/74f9add4ad86c29b608270e33b17426163b3c8cf
Queue ⇒ Turba
Priority ⇒ 3. High
Priority ⇒ 2. Medium
Patch ⇒ No
Milestone ⇒
Queue ⇒ Horde Groupware Webmail Edition
Due ⇒ 11/02/2013
Summary ⇒ CSRF and XSS in Save search as a virtual address book
Type ⇒ Bug
State ⇒ Unconfirmed
functionality. A malicious attacker could launch a CSRF attack and
make the user save malicious code into the "save search". This
functionality was found to miss the user's input sanitisation, making
it vulnerable to XSS.
So in order to exploit the XSS, a CSRF attack has to be launched first.
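The two defects the report describes, a save-search form that a third-party page can submit for a logged-in user because no anti-CSRF token is checked, and a saved name that is rendered back unescaped, together with the shape of the fix the commit message names (token-protecting the form), as an added PHP illustration. This is not Turba's code and does not use Horde's own token or escaping classes; the field and function names (vbook_name, vbook_token, vbook_save_vulnerable, vbook_save_hardened), the in-memory $store and the 255-character name cap are assumptions made for the example.

```php
<?php
// Added illustration, not Turba's code. Models the two defects in the bug
// report for a "save search as virtual address book" form and the fix shape
// (a per-session token checked before the save). All names are assumed.

session_start();

// --- Vulnerable version: no token check, no output escaping ----------------
function vbook_save_vulnerable(array $post, array &$store): string
{
    // Whatever a forged cross-site form posts is stored as the vbook name.
    $name = $post['vbook_name'] ?? '';
    $store[] = $name;
    // Rendering the stored name raw turns the stored value into markup/script.
    return '<li>' . $name . '</li>';
}

// --- Hardened version: token checked before any state change ---------------
function vbook_token(): string
{
    if (empty($_SESSION['vbook_token'])) {
        // 32 random bytes, hex-encoded, kept server-side in the session.
        $_SESSION['vbook_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['vbook_token'];
}

function vbook_form_html(string $action): string
{
    // The token travels as a hidden field; a cross-origin page cannot read it,
    // so a forged POST from another site arrives without a valid value.
    return '<form method="post" action="' . htmlspecialchars($action, ENT_QUOTES, 'UTF-8') . '">'
         . '<input type="hidden" name="vbook_token" value="'
         . htmlspecialchars(vbook_token(), ENT_QUOTES, 'UTF-8') . '">'
         . '<input type="text" name="vbook_name">'
         . '<input type="submit" value="Save">'
         . '</form>';
}

function vbook_save_hardened(array $post, array &$store): string
{
    // is_string guards against vbook_token[]=... (arrays) reaching hash_equals;
    // hash_equals is a constant-time comparison and avoids loose == juggling.
    $sent = $post['vbook_token'] ?? '';
    if (!is_string($sent) || !hash_equals(vbook_token(), $sent)) {
        http_response_code(403);
        return 'Invalid request token';
    }
    $name = $post['vbook_name'] ?? '';
    // Length cap is an assumed policy for the example, not a Turba limit.
    if (!is_string($name) || $name === '' || strlen($name) > 255) {
        http_response_code(400);
        return 'Invalid address book name';
    }
    $store[] = $name;
    // Escape on output: the stored name may contain anything, it renders as text.
    return '<li>' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</li>';
}

// Constructed payload standing in for a forged cross-site POST.
$payload = ['vbook_name' => '<script>alert(document.cookie)</script>'];
$store   = [];

// 1. Vulnerable handler: stores and echoes the raw payload.
echo vbook_save_vulnerable($payload, $store), "\n";
// 2. Hardened handler, forged request without the session token: rejected.
echo vbook_save_hardened($payload, $store), "\n";
// 3. Hardened handler, legitimate request carrying the token: stored, escaped.
$payload['vbook_token'] = vbook_token();
echo vbook_save_hardened($payload, $store), "\n";
echo vbook_form_html('/turba/search.php'), "\n";
```

Run with `php example.php`. The token check and the output escaping are independent fixes: the report notes that the XSS is only reachable through the CSRF (a user will not save a script into their own address book), so the token closes the exploit path, but escaping on output is still what keeps a stored name from executing if any other route writes it.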