|
| From: | Matt McCutchen |
| Subject: | [Savannah-help-public] [sr #107282] XSS in account email change form |
| Date: | Wed, 24 Feb 2010 23:39:21 +0000 |
| User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2) Gecko/20100220 Fedora/3.6.1-1.custom.fc12 Namoroka/3.6 |
URL:
<http://savannah.gnu.org/support/?107282>
Summary: XSS in account email change form
Project: Savannah Administration
Submitted by: hashproduct
Submitted on: Wed 24 Feb 2010 06:39:20 PM EST
Category: Savannah website
Priority: 5 - Normal
Severity: 6 - Security
Status: None
Assigned to: None
Originator Email:
Operating System: None
Open/Closed: Open
Discussion Lock: Any
_______________________________________________________
Details:
https://savannah.gnu.org/my/admin/change.php?item=email&confirm_hash=%27%3E%3Cscript%3Ealert%28%27xss%27%29;%3C/script%3E&step=confirm
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107282>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
| [Prev in Thread] | Current Thread | [Next in Thread] |