[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-tracker] [bug #13863] Main screen message allows for poten
From: |
anonymous |
Subject: |
[Phpgroupware-tracker] [bug #13863] Main screen message allows for potential security risk |
Date: |
Wed, 20 Jul 2005 14:36:26 +0000 |
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 |
URL:
<http://savannah.gnu.org/bugs/?func=detailitem&item_id=13863>
Summary: Main screen message allows for potential security
risk
Project: phpGroupWare
Submitted by: None
Submitted on: Wed 07/20/2005 at 10:36
Category: None
Item Group: 0.9.16.000 release
Severity: 3 - Normal
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Component Version: None
Platform Version: GNU/Linux - RedHat/Fedora
Reproducibility: Every Time
Planned Release: None
Fixed Release:
_______________________________________________________
Details:
When editing the main screen message from the admin pages, it appears to be
possible to include *any* HTML that you like, which means that this could
potentially be abused, either with javascript or other code embedded in the
message.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?func=detailitem&item_id=13863>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [Phpgroupware-tracker] [bug #13863] Main screen message allows for potential security risk,
anonymous <=