Details

    • Bug
    • Resolution: Fixed
    • Major
    • None
    • Professional Edition
    • Web Interface

    Description

      There is a potential for XSS if one decides to output the queryString returned by search input.
      Fixed by using the get_vars() function.

        Activity

          [OBS-3713] Potential for XSS in menu search
          bot Observium Bot made changes -
          Status Original: Resolved [ 5 ] New: Closed [ 6 ]
          landy Mike Stupalov made changes -
          Assignee Original: Adam Armstrong [ adama ] New: Mike Stupalov [ landy ]
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]

          landy Mike Stupalov added a comment - Yah, sure.. added in r11220.
          kentbjoh Kent Johannessen created issue -

          People

            landy Mike Stupalov
            kentbjoh Kent Johannessen
            Votes: 0
            Watchers: 3

            Dates

              Created:
              Updated:
              Resolved: