Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
fusiondirectory
fusiondirectory
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 39
    • Issues 39
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • fusiondirectory
  • fusiondirectoryfusiondirectory
  • Issues
  • #3316

Closed
Open
Opened Sep 02, 2014 by bmortier@bmortierMaintainer

possible xss in login screen

Hello,

there is a fix for an xss in the gosa code, mayber we are affected too

http://anonscm.debian.org/cgit/debian-edu/pkg-team/gosa.git/commit/?id=e8a1651380fee4de005750487e926c2971b86290

debian/patches: Add 0003_xss-vulnerability-on-login-screen.patch. Escape html entities to fix xss at the login screen. (Closes: #753388).

Cheers

(from redmine: issue id 3316, created on 2014-09-02, closed on 2014-09-22)

  • Changesets:
    • Revision 13ecbb25 by Côme Chilliet on 2014-09-15T12:35:52.000Z:
Fixes: #3316 possible xss in login screen
  • Revision 88e9c859 by Côme Chilliet on 2014-09-15T12:36:08.000Z:
Fixes: #3316 possible xss in login screen
  • Custom Fields:
    • Bug in version: 1.0.8.1
  • Uploads:
    • 0001-Fixes-3316-possible-xss-in-login-screen.patch
Assignee
Assign to
FusionDirectory 1.0.8.2
Milestone
FusionDirectory 1.0.8.2
Assign milestone
Time tracking
None
Due date
None
Reference: fusiondirectory/fd#3316