From: bertrand G. <ber...@to...> - 2006-08-23 09:59:25
|
Marcus Better wrote: > Any comments on this one? Is there a patch? > Do you have more information on it ? The report is quite lame ... As I gave a touch last year in some refactoring of this stuff (without changing functionality), I'm sure interested in some enhancement and produce some patch against those attacks. Don't hesitate to mail me private , with some copy to sec...@ti... (which I dont belong). I'm interested in enhance those filters. Regards -- toggg > > Subject: > [pkg-tikiwiki-devel] TikiWiki "highlight" Cross-Site Scripting > Vulnerability > From: > Stefan Fritsch <sf...@sf...> > Date: > Tue, 22 Aug 2006 22:08:15 +0200 > To: > pkg...@li... > > To: > pkg...@li... > > > Hi, > > a new XSS vulnerability has been found in tikiwiki. > > See > http://secunia.com/advisories/21536/ > for details. > > Cheers, > Stefan > > _______________________________________________ > pkg-tikiwiki-devel mailing list > pkg...@li... > http://lists.alioth.debian.org/mailman/listinfo/pkg-tikiwiki-devel > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > ------------------------------------------------------------------------ > > _______________________________________________ > Tikiwiki-devel mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel > |