[Tickets #9240] XSS: Mailbox name not encoded properly

bugs at horde.org bugs at horde.org
Wed Sep 8 16:14:01 UTC 2010


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/9240
------------------------------------------------------------------------------
  Ticket             | 9240
  Created By         | Michael Slusarz <slusarz at horde.org>
  Summary            | XSS: Mailbox name not encoded properly
  Queue              | DIMP
  Version            | FRAMEWORK_3
  Type               | Bug
  State              | Assigned
  Priority           | 3. High
  Milestone          | 1.1.5
  Patch              |
  Owners             | Michael Slusarz
------------------------------------------------------------------------------


Michael Slusarz <slusarz at horde.org> (2010-09-08 12:14) wrote:

A URL specific to the Horde system can be used to perform an XSS attack.






More information about the bugs mailing list