[Savannah-help-public] [sr #107282] XSS in account email change form

Matt McCutchen Wed, 24 Feb 2010 15:39:33 -0800

URL:
  <http://savannah.gnu.org/support/?107282>


                 Summary: XSS in account email change form
                 Project: Savannah Administration
            Submitted by: hashproduct
            Submitted on: Wed 24 Feb 2010 06:39:20 PM EST
                Category: Savannah website
                Priority: 5 - Normal
                Severity: 6 - Security
                  Status: None
             Assigned to: None
        Originator Email: 
        Operating System: None
             Open/Closed: Open
         Discussion Lock: Any

    _______________________________________________________

Details:

https://savannah.gnu.org/my/admin/change.php?item=email&confirm_hash=%27%3E%3Cscript%3Ealert%28%27xss%27%29;%3C/script%3E&step=confirm




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?107282>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

[Savannah-help-public] [sr #107282] XSS in account email change form

Reply via email to