XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. Xoops Development / 
  3. Xoops Bug Reports 
  4.  / News 1.66 Cross Site Scripting Vulnerability ?
Register
1
Yurdal
News 1.66 Cross Site Scripting Vulnerability ?

  • 2011/12/7 9:20

  • Yurdal

  • Friend of XOOPS

  • Posts: 386

  • Since: 2005/3/27


I just read this
http://www.securityfocus.com/bid/45226

Is there any action for this ?
2
trabis
Re: News 1.66 Cross Site Scripting Vulnerability ?

  • 2011/12/7 11:47

  • trabis

  • Core Developer

  • Posts: 2269

  • Since: 2006/9/1 1


If your users are allowed to submit news without approval and you have hackers in your community, you should be worried.

I don't know where the vulnerability is, it is not mentioned in that page.
3
xoobaru
Re: News 1.66 Cross Site Scripting Vulnerability ?

  • 2011/12/7 22:26

  • xoobaru

  • Just can't stay away

  • Posts: 494

  • Since: 2010/12/2


Does that also apply to comments for this module?
4
trabis
Re: News 1.66 Cross Site Scripting Vulnerability ?

  • 2011/12/8 0:19

  • trabis

  • Core Developer

  • Posts: 2269

  • Since: 2006/9/1 1


No :)

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

284 user(s) are online (151 user(s) are browsing Support Forums)

Members: 0

Guests: 284

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits