[Lxr-dev] [ lxr-Bugs-2926043 ] Cross-Site Scripting bugs in LXR
Brought to you by:
ajlittoz
Menu
▾
▴
[Lxr-dev] [ lxr-Bugs-2926043 ] Cross-Site Scripting bugs in LXR
|
From: SourceForge.net <no...@so...> - 2010-01-05 06:26:24
|
Bugs item #2926043, was opened at 2010-01-05 01:26 Message generated for change (Tracker Item Submitted) made by drosenbe You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=390117&aid=2926043&group_id=27350 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: v0.9.6 Status: Open Resolution: None Priority: 5 Private: Yes Submitted By: Dan Rosenberg (drosenbe) Assigned to: Nobody/Anonymous (nobody) Summary: Cross-Site Scripting bugs in LXR Initial Comment: Apologies if you've received duplicate e-mail from me, but I haven't received any response from the LXR SourceForge e-mail addresses. There are several cross-site scripting vulnerabilities in LXR. These vulnerabilities could allow an attacker to execute scripts in a user's browser, steal cookies associated with vulnerable domains, redirect the user to malicious websites, etc. A proof-of-concept URL may look like: http://www.example.com/lxr/ident?i=<script>alert('XSS')</script> I have confirmed these vulnerabilities in LXR 0.9.6 and 0.9.5. The experimental LXR installation in use at lxr.linux.no is also vulnerable with certain settings. This issue has been assigned CVE-2009-4497. I have written a patch for this issue, and I'd be happy to work with you to resolve the problem. Please reply to discuss fixing and publishing this bug. Thanks, Dan Rosenberg ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=390117&aid=2926043&group_id=27350 |
