[Tickets #14148] Re: vacation, spam & forward double encoding
noreply at bugs.horde.org
noreply at bugs.horde.org
Mon Nov 2 17:34:29 UTC 2015
BITTE NICHT AUF DIESE NACHRICHT ANTWORTEN. NACHRICHTEN AN DIESE
E-MAIL-ADRESSE WERDEN NICHT GELESEN.
Ticket-URL: https://bugs.horde.org/ticket/14148
------------------------------------------------------------------------------
Ticket | 14148
Aktualisiert Von | Jan Schneider <jan at horde.org>
Zusammenfassung | vacation, spam & forward double encoding
Warteschlange | Horde Framework Packages
Typ | Bug
Status | Resolved
Priorität | 1. Low
Milestone |
Patch |
Zuständige | Michael Rubinsky
------------------------------------------------------------------------------
Jan Schneider <jan at horde.org> (2015-11-02 18:34) hat geschrieben:
This isn't correct and opens a security issue in Horde_Form. We should
probably rather make sure that we don't pass the encoded URL to
Horde_Form from Ingo. Probably need to set ->raw in the passed
Horde_Url.
More information about the bugs
mailing list