Bug #991
closed
Added by dave b about 14 years ago.
Updated almost 14 years ago.
Description
/pkg_edit.php?xml=olsrd.xml&id=%22/%3E%3Cscript%3Ealert%282%29;%3C/script%3E/status_graph.php?if=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E
/graph.php?ifnum=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E&ifname=
/graph.php?ifnum=&ifname=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E
- Subject changed from issue 2 THIS ONLY AFFECTS BETA 4 2.0 to multiple XSS issues
- Category set to Web Interface
please don't open a bunch of tickets where there is only one issue.
Chris Buechler wrote:
please don't open a bunch of tickets where there is only one issue.
OH so you think I did that to annoy you?
Really. So you went and closed my bugs in the different web components, highlighting which versions were affected by what?
So I that for fun ...?
Try no.
While pfsense is awesome, imho you sir are not helping here...
We prefer to have one ticket open per issue. Even though there where multiple files affected it is still one issue.
In the future when you are dropping stuff on the full disclosure lists why not email coreteam@pfsense.org and give us a heads up.
Thanks
- Status changed from New to Feedback
Issues fixed in commits 98bcf1f8 6a937188 8625c24f 50b2f6ab
Scott Ullrich wrote:
We prefer to have one ticket open per issue. Even though there where multiple files affected it is still one issue.
In the future when you are dropping stuff on the full disclosure lists why not email coreteam@pfsense.org and give us a heads up.
Thanks
I would have if it was more serious issue.
Trivial xss that take me almost no time to find can be found in "almost no time" by anyone else who cares.
- Status changed from Feedback to Resolved
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by