Re: [Ganglia-general] XSS vulnerabilities in Ganglia web

Subject: Re: [Ganglia-general] XSS vulnerabilities in Ganglia web I recall trying this out on 3.6.2 and I couldn't reproduce it so if you could run this against 3.6.2 and see if you can reproduce it that would be really helpful. Vladimir On 11/07/2014 04:50 PM, Cristovao Jose Domingues Cordeiro

Re: [Ganglia-general] XSS vulnerabilities in Ganglia web

; ganglia-general@lists.sourceforge.net Subject: Re: [Ganglia-general] XSS vulnerabilities in Ganglia web Hi Cristovao, what Ganglia Web version was tested ? Is this against latest e.g. 3.6.2 ? Thanks, Vladimir On 04/11/2014 03:35 AM, Cristovao Jose Domingues Cordeiro wrote: Hi all, recently

Re: [Ganglia-general] XSS vulnerabilities in Ganglia web

-general@lists.sourceforge.net Subject: Re: [Ganglia-general] XSS vulnerabilities in Ganglia web Hi Cristovao, what Ganglia Web version was tested ? Is this against

[Ganglia-general] XSS vulnerabilities in Ganglia web

Hi all, recently I've updated my Ganglia web frontend to the latest version (so I could perform HTTP queries) and when I issued the security check with skipfish I got these: Vulnerabilities found: 33 · Severity: 4, Type: File inclusion .. .. · Severity: 4, Type: Query

Re: [Ganglia-general] XSS vulnerabilities in Ganglia web

On 11/04/14 09:35, Cristovao Jose Domingues Cordeiro wrote: The XSS vulnerability must be fixed for sure. While I share your concerns, it is worth emphasizing that some contributors to the Ganglia project do not use Ganglia in such a way where these risks are a priority for them. In recent