Subject: Re: [Ganglia-general] XSS vulnerabilities in Ganglia web
I recall trying this out on 3.6.2 and I couldn't reproduce it so if you could
run this against 3.6.2 and see if you can reproduce it that would be really
helpful.
Vladimir
On 11/07/2014 04:50 PM, Cristovao Jose Domingues Cordeiro
; ganglia-general@lists.sourceforge.net
Subject: Re: [Ganglia-general] XSS vulnerabilities in Ganglia web
Hi Cristovao,
what Ganglia Web version was tested ? Is this against latest e.g. 3.6.2 ?
Thanks,
Vladimir
On 04/11/2014 03:35 AM, Cristovao Jose Domingues Cordeiro wrote:
Hi all,
recently
-general@lists.sourceforge.net
Subject: Re: [Ganglia-general] XSS
vulnerabilities in Ganglia web
Hi Cristovao,
what Ganglia Web version was tested ? Is this against
Hi all,
recently I've updated my Ganglia web frontend to the latest version (so I could
perform HTTP queries) and when I issued the security check with skipfish I got
these:
Vulnerabilities found: 33
· Severity: 4, Type: File inclusion
..
..
· Severity: 4, Type: Query
On 11/04/14 09:35, Cristovao Jose Domingues Cordeiro wrote:
The XSS vulnerability must be fixed for sure.
While I share your concerns, it is worth emphasizing that some
contributors to the Ganglia project do not use Ganglia in such a way
where these risks are a priority for them.
In recent
5 matches
Mail list logo