URL:
<http://savannah.gnu.org/support/?107136>
Summary: Javascript tracker redirection
Project: Savannah Administration
Submitted by: nicalvaro
Submitted on: Thu 19 Nov 2009 03:46:33 PM EST
Category: Trackers (bugs, support, tasks...)
Priority: 5 - Normal
Severity: 4 - Important
Status: Works For Me
Assigned to: None
Originator Email:
Operating System: None
Open/Closed: Open
Discussion Lock: Any
_______________________________________________________
Details:
A spammer can trick users into following a URL by uploading a javascript
attachment to the trackers. It has happened a few times so far and someone
complained about it on November 12 in #savannah.
Just to be sure if it a having a file extension matters or not, I uploaded 2
versions with the same script. If it works correctly you will be redirected to
google.com .
javascript-test.js and javascript-test
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Thu 19 Nov 2009 03:46:34 PM EST Name: javascript-test Size: 94B By:
nicalvaro
<http://savannah.gnu.org/support/download.php?file_id=19083>
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107136>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
