possible xss in login screen
Hello,
there is a fix for an xss in the gosa code, mayber we are affected too
debian/patches: Add 0003_xss-vulnerability-on-login-screen.patch. Escape html entities to fix xss at the login screen. (Closes: #753388).
Cheers
(from redmine: issue id 3316, created on 2014-09-02, closed on 2014-09-22)
- Changesets:
- Revision 13ecbb25 by Côme Chilliet on 2014-09-15T12:35:52.000Z:
Fixes: #3316 possible xss in login screen- Revision 88e9c859 by Côme Chilliet on 2014-09-15T12:36:08.000Z:
Fixes: #3316 possible xss in login screen- Custom Fields:
- Bug in version: 1.0.8.1
- Uploads:
To upload designs, you'll need to enable LFS. More information