Date: Fri, 03 Feb 2012 01:48:52 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Agostino Sarubbo <ago@...too.org> Subject: Re: CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability On 02/02/2012 04:15 AM, Agostino Sarubbo wrote: > According to secunia advisory: > https://secunia.com/advisories/47852/ > > Input passed via the "base" parameter to cmd.php (when "cmd" is set > to "query_engine") is not properly sanitised in lib/QueryRender.php > before being returned to the user. This can be exploited to execute > arbitrary HTML and script code in a user's browser session in > context of an affected site. > > The vulnerability is confirmed in version 1.2.2. Other versions may > also be affected. > > Original Advisory: > https://sourceforge.net/tracker/index.php?func=detail&aid=3477910&group_id=61828&atid=498546 > > Commit code: > http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin;a=commit;h=7dc8d57d6952fe681cb9e8818df7f103220457bd > > Ah our missing friend htmlspecialchars. Please use CVE-2012-0834 for this issue. -- Kurt Seifried Red Hat Security Response Team (SRT)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ