#760 Publisher directory XSS vulnerability

v1.0 (example)
closed-fixed
None
5
2020-11-20
2020-11-20
Ahasuerus
No

Publisher directory XSS vulnerability, e.g. http://127.0.0.1/cgi-bin/directory.cgi?publisher+%3Cscript%3Ealert(%27You%20are%20doomed!%27);%3C/script%3E

Discussion

  • Ahasuerus

    Ahasuerus - 2020-11-20
    • summary: Publisher directory XSS vulnerubility --> Publisher directory XSS vulnerability
    • Description has changed:

    Diff:

    --- old
    +++ new
    @@ -1 +1 @@
    -Publisher directory XSS vulnerubility, e.g.  http://127.0.0.1/cgi-bin/directory.cgi?publisher+%3Cscript%3Ealert(%27You%20are%20doomed!%27);%3C/script%3E
    +Publisher directory XSS vulnerability, e.g.  http://127.0.0.1/cgi-bin/directory.cgi?publisher+%3Cscript%3Ealert(%27You%20are%20doomed!%27);%3C/script%3E
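Review bot: the `+` line still describes the problem only through the example `directory.cgi?publisher+...` URL. Consider adding a sentence that says where the value after `publisher+` appears in the page output, so whoever verifies the fix knows which output to check. The double space after "e.g." carried over from the `-` line could also be collapsed.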
    
    • status: open --> closed-fixed
    • assigned_to: Ahasuerus
     
  • Ahasuerus

    Ahasuerus - 2020-11-20

    Fixed in biblio/directory.py, installed in SVN 577 on 2020-11-20. Closing the Bug.
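The bug class this ticket reports, shown as an added example that is not taken from biblio/directory.py or any other project code: a query string in the shape of the ticket's URL is decoded and written into HTML, first unescaped and then escaped on output. The function names, the `<h2>` template and `ALLOWED_KINDS` are assumptions made for illustration.

```python
import html
from urllib.parse import unquote

# Query string copied from the ticket's example URL (everything after '?').
SAMPLE_QUERY = "publisher+%3Cscript%3Ealert(%27You%20are%20doomed!%27);%3C/script%3E"

# Assumption: the set of directory types the script accepts.
ALLOWED_KINDS = {"publisher"}


def parse_query(query):
    """Split a 'type+value' query string and URL-decode both parts."""
    kind, _, value = query.partition("+")
    return unquote(kind), unquote(value)


def render_unsafe(query):
    """Vulnerable pattern: the decoded value is interpolated into HTML as-is."""
    kind, value = parse_query(query)
    return "<h2>%s directory: %s</h2>" % (kind, value)


def render_escaped(query):
    """Hardened pattern: allow-list the type, HTML-escape the value on output."""
    kind, value = parse_query(query)
    if kind not in ALLOWED_KINDS:
        return "<h2>Unknown directory type</h2>"
    return "<h2>%s directory: %s</h2>" % (kind, html.escape(value, quote=True))


def reflects_markup(page):
    """Regression check: True if a live <script> tag survived into the page."""
    return "<script" in page.lower()


if __name__ == "__main__":
    for render in (render_unsafe, render_escaped):
        page = render(SAMPLE_QUERY)
        print(render.__name__, "reflects markup:", reflects_markup(page))
        print("  ", page)
```

A check like `reflects_markup` run against the rendered page for the ticket's URL is a convenient regression test to keep alongside the fix.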

     
