[Tickets #14857] Re: Multiple XSS security vulnerabilities
noreply at bugs.horde.org
noreply at bugs.horde.org
Tue Sep 25 16:11:27 UTC 2018
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: https://bugs.horde.org/ticket/14857
------------------------------------------------------------------------------
Ticket | 14857
Updated By | Git Commit <commits at lists.horde.org>
Summary | Multiple XSS security vulnerabilities
Queue | Horde Groupware
Version | 5.2.22
Type | Bug
State | Assigned
Priority | 3. High
Milestone |
Patch |
Owners | Michael Rubinsky
------------------------------------------------------------------------------
Git Commit <commits at lists.horde.org> (2018-09-25 16:11) wrote:
Changes have been made in Git (master):
commit da2342594b749f1f88747cbb11ecfdc188f64a85
Author: Michael J Rubinsky <mrubinsk at horde.org>
Date: Tue, 25 Sep 2018 12:10:39 -0400
Bug: 14857
Escape user supplied $color value and prevent XSS vuln.
M lib/Horde/Core/Ui/VarRenderer/Html.php
https://github.com/horde/Core/commit/da2342594b749f1f88747cbb11ecfdc188f64a85
More information about the bugs
mailing list