https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162019-06-13T12:15:19ZpfSense bugtrackerpfSense - Bug #9584: Potential XSS in services_acb.php via hostname parameter with legacy settingshttps://redmine.pfsense.org/issues/9584?journal_id=408892019-06-13T12:15:19ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="Encode hostname in services_acb.php before use. Fixes #9584" href="https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/fe482ccc1eaf59137b29008bc040faaad25088f0">fe482ccc1eaf59137b29008bc040faaad25088f0</a>.</p> pfSense - Bug #9584: Potential XSS in services_acb.php via hostname parameter with legacy settingshttps://redmine.pfsense.org/issues/9584?journal_id=421322019-08-26T13:16:22ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul><p>Legacy options are moot now, they have been removed.</p> pfSense - Bug #9584: Potential XSS in services_acb.php via hostname parameter with legacy settingshttps://redmine.pfsense.org/issues/9584?journal_id=431492019-12-02T15:53:50ZJim Pingle
<ul><li><strong>Target version</strong> changed from <i>2.5.0</i> to <i>2.4.5</i></li></ul> pfSense - Bug #9584: Potential XSS in services_acb.php via hostname parameter with legacy settingshttps://redmine.pfsense.org/issues/9584?journal_id=432652019-12-05T15:12:25ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Resolved</i> to <i>Feedback</i></li></ul><p>Needs checked and/or tested again on 2.4.5 snapshots</p> pfSense - Bug #9584: Potential XSS in services_acb.php via hostname parameter with legacy settingshttps://redmine.pfsense.org/issues/9584?journal_id=435982019-12-20T13:10:26ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul><p>The affected code has been completely removed from 2.4.5 and later, so this has become moot.</p> pfSense - Bug #9584: Potential XSS in services_acb.php via hostname parameter with legacy settingshttps://redmine.pfsense.org/issues/9584?journal_id=455612020-04-10T09:11:38ZJim Pingle
<ul><li><strong>Private</strong> changed from <i>Yes</i> to <i>No</i></li></ul>