XSS vulnerability found from http://http://qa.debian.org

Hello, I found XSS vulnerability from http://qa.debian.org/ service. Here is proof of concept: http://qa.debian.org/developer.php?login=%27%22%3E%3Cmarquee%3E&comaint=yes Please reply when this has been fixed, thank you. --- Henri Salo signature.asc Description: Digital signature

Re: XSS vulnerability found from http://qa.debian.org

* Henri Salo , 2014-05-01, 14:26: http://qa.debian.org/developer.php?login=%27%22%3E%3Cmarquee%3E&comaint=yes This is bug #717082. -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-qa-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archiv

Bug#746621: DDPO: Integrate Piuparts (w/ patches)

Package: qa.debian.org Severity: wishlist Tags: patch X-Debbugs-CC: piuparts-de...@lists.alioth.debian.org thanks Piuparts has a new summary file format, visible at https://piuparts.debian.org/summary.json. The attached patches use that data to integrate piuparts into the DDPO report, to the righ