[Tickets #5892] Re: Linked attachment feature vulnerability
bugs at bugs.horde.org
bugs at bugs.horde.org
Wed Nov 21 12:23:33 UTC 2007
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=5892
-----------------------------------------------------------------------
Ticket | 5892
Updated By | Jan Schneider <jan at horde.org>
Summary | Linked attachment feature vulnerability
Queue | IMP
Version | HEAD
Type | Bug
State | Feedback
Priority | 2. Medium
Owners |
-----------------------------------------------------------------------
Jan Schneider <jan at horde.org> (2007-11-21 04:23) wrote:
It looks like the Mozilla folks at least accepted that this is their own
bug:
http://blog.mozilla.com/security/2007/11/16/jar-protocol-xss-security-issues/
We should wait for their final measures to deal with that problem and then
reconsider if we still need to add some additional protection.
More information about the bugs
mailing list