allura-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Barrett" <jbarr...@slashdotmedia.com>
Subject [allura:tickets] #7846 Boards - input validation Problem!
Date Thu, 05 Mar 2015 18:26:15 GMT



---

** [tickets:#7846] Boards - input validation Problem!**

**Status:** open
**Milestone:** unreleased
**Labels:** support ss-9878 
**Created:** Thu Mar 05, 2015 06:26 PM UTC by John Barrett
**Last Updated:** Thu Mar 05, 2015 06:26 PM UTC
**Owner:** nobody

https://sourceforge.net/p/forge/site-support/9878/

[forge:site-support:#9878]

---

Hello,
tried to explain a possible XSS Vulerability within OSS-PHP Projects in the Boards ... well
... my Code "broke" Board-Layout and also some Functionality ... not able to Edit those Entries
anymore ...
Maybe some more Input Sanitation would help? :)
URL: https://sourceforge.net/p/opensearchserve/discussion/947147/thread/dbbe183b/
Andreas Schnederle-Wagner

----

Chatted with Engineering about this and was asked to escalate


---

Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options.
 Or, if this is a mailing list, you can unsubscribe from the mailing list.
Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message