Project

General

Profile

Bug #9866

freeradius_view_config.php: File contents are displayed without encoding

Added by Jim Pingle about 1 month ago. Updated 29 days ago.

Status:
Feedback
Priority:
High
Assignee:
Category:
FreeRADIUS
Target version:
-
Start date:
10/31/2019
Due date:
% Done:

0%

Estimated time:
Affected Version:
All
Affected Architecture:
All

Description

freeradius_view_config.php reads and displays the contents of several FreeRADIUS-related files. The contents are displayed without encoding, which enables potential XSS exploitation.

History

#1 Updated by Jim Pingle about 1 month ago

  • Status changed from New to Feedback

#2 Updated by Jim Pingle 29 days ago

  • Private changed from Yes to No

Also available in: Atom PDF