Ticket #557 (closed security: fixed)

Opened 2 years ago

Last modified 2 years ago

XSS vulnerability in several PHP scripts

Reported by: rjl@… Owned by: rjl
Priority: highest Milestone:
Component: PHP scripts Version: 1.0.2
Severity: critical Keywords: xss security
Cc:

Description

Several of the Maia Mailguard PHP scripts included with versions up to and including version 1.0.2a contain cross-site scripting vulnerabilities, as described in this advisory:

http://buguroo.com/adv/Buguroo_ADV_2011-001.txt

Change History

Changed 2 years ago by rjl@…

  • status changed from new to closed
  • resolution set to fixed

These vulnerabilities have been addressed by [1508], [1509], [1510], and [1511]. A new 1.0.2b release has been issued with these changes.

Note: See TracTickets for help on using tickets.