#628 Cross-site scripting vulnerability.

closed-fixed
None
9
2002-04-19
2002-04-19
No

This code will pass magicHTML:

<hr>
<img x="<foo>" src=javascript:alert(1) y="</foo>">
<hr>

Needs to be fixed before 1.2.6.

Discussion

  • Konstantin Riabitsev

    • status: open --> closed-fixed
     
  • Konstantin Riabitsev

    Logged In: YES
    user_id=147248

    Fix is in the CVS.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks