Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
XSS in Ganglia-Web 3.5.10 and earlier #218
Sorry for reporting this so late, there were some health issues and a vacation in the way.
=== Security Advisory ===
Ganglia-Web 3.5.10 - XSS
At least ganglia-web-3.5.8 and ganglia-web-3.5.10
Technical Risk: medium
While taking a quick look at the web interface, a
The GET variable is retrieved in file get_context.php, line 89
Temporary Workaround and Fix
Apply the following patch to properly encode the variable:
--- header.php.old 2013-09-30 21:07:26.272287657 +0200
30.09.2013 - Issue detected