Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.
Sign upXSS within _mbox parameter #3469
Comments
This comment has been minimized.
This comment has been minimized.
|
Comment by @alecpl on 9 Aug 2011 13:48 UTC I'm unable to reproduce. |
This comment has been minimized.
This comment has been minimized.
|
Milestone changed by @alecpl on 9 Aug 2011 13:48 UTC later => 0.6-beta |
This comment has been minimized.
This comment has been minimized.
|
Comment by abyszko on 9 Aug 2011 14:03 UTC Are you authenticated? |
This comment has been minimized.
This comment has been minimized.
|
Comment by phs on 9 Aug 2011 17:37 UTC Could reproduce it (see attachment "screenshot.png"). |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
|
Status changed by @alecpl on 9 Aug 2011 18:41 UTC new => closed |
rcubetrac
closed this
Aug 9, 2011
rcubetrac
added
bug
C: Security
P2
labels
Mar 20, 2016
rcubetrac
added this to the 0.6-beta milestone
Mar 20, 2016
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
rcubetrac commentedAug 9, 2011
Reported by abyszko on 9 Aug 2011 10:37 UTC as Trac ticket #1488030
During one of pen-tests I found that _mbox parameter is not properly sanitized and reflected XSS attack is possible - example
http://server/roundcube/?_mbox=%3Cscript%3Ealert(document.cookie)%3C/script%3E
I verified this on 0.5.2 and latest version from trunk.
Migrated-From: http://trac.roundcube.net/ticket/1488030