Updates:
Status: Arreglada
Labels: -Notificar-SMF Notificar-FD
Comment #8 on issue 11 by sirdarckcat: XSS in package server manager
http://code.google.com/p/smf2-review/issues/detail?id=11
Description: XSS in package server manager
Discovered by: [email protected]
Vulnerable code: Sources/PackageGet.php#732
Vulnerable URL: index.php?action=packageget
PoC: "Add server" => Name: <h1>XSS</h1>
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
