Bug #991

closed

multiple XSS issues

Added by dave b about 14 years ago. Updated almost 14 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: Web Interface
Target version:
Start date: 11/04/2010
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

/pkg_edit.php?xml=olsrd.xml&id=%22/%3E%3Cscript%3Ealert%282%29;%3C/script%3E
/status_graph.php?if=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E
/graph.php?ifnum=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E&ifname=
/graph.php?ifnum=&ifname=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E
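
The URLs above each carry a parameter value beginning with `"/>`, the sequence that closes a double-quoted attribute and its tag when a page echoes the value without encoding. The following is an added example, not pfSense code and not the content of the fix commits; the markup, the helper names and the interface allow-list are assumptions made to show output encoding and input validation for the `ifnum` and `ifname` parameters.

```php
<?php
// Added example (not pfSense code). Parameter names come from the ticket;
// the markup, helpers and interface list below are assumptions.

// Constructed request value: the URL-decoded payload quoted in the ticket.
$payload = rawurldecode('%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E');

// Vulnerable pattern: raw parameter placed inside a double-quoted attribute.
function render_unsafe(string $ifname): string {
    return '<embed src="graph.php?ifname=' . $ifname . '"/>';
}

// Output encoding for HTML text and quoted-attribute context.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Input validation: ifnum must be a small non-negative integer.
function valid_ifnum($v): ?int {
    $n = filter_var($v, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 255]]);
    return $n === false ? null : $n;
}

// Input validation: ifname must be one of the interfaces the system knows.
function valid_ifname(string $v, array $known): ?string {
    return in_array($v, $known, true) ? $v : null;
}

// Hardened pattern: validate first, then encode for the output context.
function render_safe(string $ifname, array $known): string {
    $name = valid_ifname($ifname, $known);
    if ($name === null) {
        // Rejected input is still encoded before it is shown back to the user.
        return '<p>Unknown interface: ' . h($ifname) . '</p>';
    }
    return '<embed src="graph.php?ifname=' . h(rawurlencode($name)) . '"/>';
}

$known = ['wan', 'lan', 'opt1'];               // constructed allow-list
echo render_unsafe($payload), "\n";            // attribute is closed, script tag survives
echo render_safe($payload, $known), "\n";      // payload rendered as inert text
echo render_safe('lan', $known), "\n";         // legitimate value passes through
var_dump(valid_ifnum($payload), valid_ifnum('2'));
```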

Actions #1

Updated by Chris Buechler about 14 years ago

  • Subject changed from issue 2 THIS ONLY AFFECTS BETA 4 2.0 to multiple XSS issues
  • Category set to Web Interface

please don't open a bunch of tickets where there is only one issue.

Actions #2

Updated by dave b about 14 years ago

Chris Buechler wrote:

please don't open a bunch of tickets where there is only one issue.

OH so you think I did that to annoy you?
Really. So you went and closed my bugs in the different web components, highlighting which versions were affected by what?
So I did that for fun ...?
Try no.

While pfsense is awesome, imho you sir are not helping here...

Actions #3

Updated by Scott Ullrich about 14 years ago

We prefer to have one ticket open per issue. Even though there were multiple files affected it is still one issue.

In the future when you are dropping stuff on the full disclosure lists why not email and give us a heads up.

Thanks

Actions #4

Updated by Scott Ullrich about 14 years ago

  • Status changed from New to Feedback

Issues fixed in commits 98bcf1f8 6a937188 8625c24f 50b2f6ab

Actions #5

Updated by dave b about 14 years ago

Scott Ullrich wrote:

We prefer to have one ticket open per issue. Even though there were multiple files affected it is still one issue.

In the future when you are dropping stuff on the full disclosure lists why not email and give us a heads up.

Thanks

I would have if it was a more serious issue.
Trivial XSS that takes me almost no time to find can be found in "almost no time" by anyone else who cares.

Actions #6

Updated by Chris Buechler almost 14 years ago

  • Status changed from Feedback to Resolved