On 07/15/2014 04:25 PM, gameFace22 wrote:
> Hello,
>
> I was going through SourceForge for downloading PyDev Plugin and I
> encountered CrossSiteScripting vulnerability in certain domains which
> is hosted by SourceForge. I am including the links which has the
> vulnerability,preventive measures and also I am sending mails to the
> host.
Firstly, thanks for your analysis and bringing this to our attention.
@Lukas, @Tres, @Jonathan - you're the guys who know this website stuff,
so please let me know what we're doing about this... these
vulnerabilities seem to be about the LSP, so is there anything we can do
about it, or are we just going to leave it be until we can replace it
with the new LSP?
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
LMMS-devel mailing list
LMMS-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lmms-devel
