See attachment. Wtf is balsa.gnome.org?
-- 
Regards,
Olav
--- Begin Message ---
Dear Gnome Security Team
I am a cyber security researcher from Tunisia. I recently discovered a security 
problem on your website.
Security type: XSS - cross-site scripting
POC : 
https://balsa.gnome.org/publications/search.php?title=&author=Y&keyword=&year=";><script>alert('xss
 by Ben khlifa fahmi')</script>

Solution : 
use HTMLSPECIALCHARS($_GET['param']);
Thank you for your time
I'll be thankful if you gave me any acknowledgement for reporting this security 
Thank you again
Ben khlifa fahmi
Founder & CEO of the Tunisian Cyber Army
_______________________________________________
security-list mailing list
[email protected]
https://mail.gnome.org/mailman/listinfo/security-list
automatically sent to *all* subscribers of the release-team mailing list

--- End Message ---
_______________________________________________
gnome-infrastructure mailing list
[email protected]
https://mail.gnome.org/mailman/listinfo/gnome-infrastructure
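
The output-encoding fix suggested in the report, written out as an added example; it is not part of the original e-mail and not the site's code. The source of search.php is not shown on the page, so the function names, the form markup and the assumption that each parameter is echoed into a double-quoted attribute are hypothetical, and the sample query is constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: encode a value for HTML text or a quoted attribute.
function h(string $value): string
{
    // ENT_QUOTES encodes both " and ', so the value cannot close the attribute.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: accept only a four-digit year, otherwise an empty string.
function clean_year(string $raw): string
{
    return preg_match('/\A\d{4}\z/', $raw) === 1 ? $raw : '';
}

// Hypothetical rendering of the search form's year field.
function year_field(array $query): string
{
    $raw = $query['year'] ?? '';
    // A request such as year[]=x arrives as an array, so check the type first.
    $year = is_string($raw) ? clean_year($raw) : '';
    return '<input type="text" name="year" value="' . h($year) . '">';
}

// Free-text fields cannot be allow-listed, so they rely on encoding alone.
function keyword_field(array $query): string
{
    $raw = $query['keyword'] ?? '';
    $keyword = is_string($raw) ? $raw : '';
    return '<input type="text" name="keyword" value="' . h($keyword) . '">';
}

// Constructed sample input with the same parameter names as the reported URL.
$sample = [
    'title'   => '',
    'author'  => 'Y',
    'keyword' => '"><b>markup</b>',
    'year'    => '";><script>alert(1)</script>',
];

// In the real page the argument would be $_GET.
echo year_field($sample), PHP_EOL;
echo keyword_field($sample), PHP_EOL;
```

Validating `year` against its expected format and encoding at the point of output are independent layers: the first rejects the value outright, the second keeps any free-text field from being parsed as markup.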
