XSS within _mbox parameter #3469
Closed
Comment by @alecpl on 9 Aug 2011 13:48 UTC: I'm unable to reproduce.
Milestone changed by @alecpl on 9 Aug 2011 13:48 UTC: later => 0.6-beta
Comment by abyszko on 9 Aug 2011 14:03 UTC: Are you authenticated?
Comment by phs on 9 Aug 2011 17:37 UTC: Could reproduce it (see attachment "screenshot.png").
Status changed by @alecpl on 9 Aug 2011 18:41 UTC: new => closed
Reported by abyszko on 9 Aug 2011 10:37 UTC as Trac ticket #1488030
During one of the pen-tests I found that the _mbox parameter is not properly sanitized and a reflected XSS attack is possible. Example:
http://server/roundcube/?_mbox=%3Cscript%3Ealert(document.cookie)%3C/script%3E
I verified this on 0.5.2 and the latest version from trunk.
Migrated-From: http://trac.roundcube.net/ticket/1488030
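As an added example (not part of the original report and not Roundcube's code), a log-triage heuristic for the issue reported above: it percent-decodes the `_mbox` query parameter in web access-log lines and flags values that contain HTML metacharacters. The log lines, function names and the flagged character set are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (documentation IPs), not real traffic.
# Lines 2 and 3 carry the payload from the report, single- and double-encoded.
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Aug/2011:10:40:01 +0000] "GET /roundcube/?_task=mail&_mbox=INBOX HTTP/1.1" 200 5120',
    '192.0.2.11 - - [09/Aug/2011:10:41:12 +0000] "GET /roundcube/?_mbox=%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 5300',
    '192.0.2.12 - - [09/Aug/2011:10:42:30 +0000] "GET /roundcube/?_mbox=%253Cscript%253Ealert(document.cookie)%253C/script%253E HTTP/1.1" 200 5290',
    '192.0.2.13 - - [09/Aug/2011:10:43:02 +0000] "GET /roundcube/?_task=mail&_mbox=Archive%2F2011 HTTP/1.1" 200 4800',
    '192.0.2.14 - - [09/Aug/2011:10:44:00 +0000] "POST /roundcube/?_task=login HTTP/1.1" 302 0',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')
# Heuristic (assumption): characters that let a value break out of HTML text
# or an attribute. Unusual folder names can trigger false positives.
MARKUP_RE = re.compile(r'[<>"\']')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly (bounded) so nested encodings normalise."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_mbox_values(lines):
    """Return (client_ip, decoded_value) for each _mbox value with markup."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a request line we understand
        query = urlsplit(match.group(1)).query
        # parse_qs performs the first round of percent-decoding.
        for raw in parse_qs(query, keep_blank_values=True).get("_mbox", []):
            value = decode_fully(raw)
            if MARKUP_RE.search(value):
                hits.append((line.split()[0], value))
    return hits

if __name__ == "__main__":
    for ip, value in suspicious_mbox_values(SAMPLE_LOG):
        print(f"{ip}\t_mbox={value!r}")
```

A hit only shows that markup was sent in `_mbox`; whether it was reflected unescaped depends on the installed version.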