1
Yurdal
News 1.66 Cross Site Scripting Vulnerability ?
  • 2011/12/7 9:20

  • Yurdal

  • Friend of XOOPS

  • Posts: 386

  • Since: 2005/3/27


I just read this
http://www.securityfocus.com/bid/45226

Is there any action for this ?

2
trabis
Re: News 1.66 Cross Site Scripting Vulnerability ?
  • 2011/12/7 11:47

  • trabis

  • Core Developer

  • Posts: 2269

  • Since: 2006/9/1 1


If your users are allowed to submit news without approval and you have hackers in your community, you should be worried.

I don't know where the vulnerability is, it is not mentioned in that page.

3
xoobaru
Re: News 1.66 Cross Site Scripting Vulnerability ?
  • 2011/12/7 22:26

  • xoobaru

  • Just can't stay away

  • Posts: 494

  • Since: 2010/12/2


Does that also apply to comments for this module?

4
trabis
Re: News 1.66 Cross Site Scripting Vulnerability ?
  • 2011/12/8 0:19

  • trabis

  • Core Developer

  • Posts: 2269

  • Since: 2006/9/1 1


No :)

Login

Who's Online

153 user(s) are online (85 user(s) are browsing Support Forums)


Members: 0


Guests: 153


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits