Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Possible new vulnerabilities in V7.6 #158

Closed
EvanYu0816 opened this issue Feb 22, 2021 · 3 comments
Closed

Possible new vulnerabilities in V7.6 #158

EvanYu0816 opened this issue Feb 22, 2021 · 3 comments

Comments

@EvanYu0816
Copy link

Hi OS4ED Team!

I believe I've discovered a reflected XSS and a local file inclusion vulnerability in openSIS V7.6. I don't think they have been reported yet.

Since I feel like the 2 vulnerabilities are relatively impactful, I've sent the detail and the POC in an email to info@os4ed.com last week. Is that the correct place to report it?

Thanks in advance!

@openSISAdmin
Copy link
Member

Yes, we received those details and the developers will address them as soon as possible.

Thanks

@EvanYu0816
Copy link
Author

Thank you!

@openSISAdmin
Copy link
Member

Issue was resolved and code committed to the repo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants