[Tickets #9240] XSS: Mailbox name not encoded properly
bugs at horde.org
bugs at horde.org
Wed Sep 8 16:14:01 UTC 2010
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/9240
------------------------------------------------------------------------------
Ticket | 9240
Created By | Michael Slusarz <slusarz at horde.org>
Summary | XSS: Mailbox name not encoded properly
Queue | DIMP
Version | FRAMEWORK_3
Type | Bug
State | Assigned
Priority | 3. High
Milestone | 1.1.5
Patch |
Owners | Michael Slusarz
------------------------------------------------------------------------------
Michael Slusarz <slusarz at horde.org> (2010-09-08 12:14) wrote:
A URL specific to the Horde system can be used to perform an XSS attack.
More information about the bugs
mailing list