Date: Wed, 27 Jun 2018 13:06:31 +0200 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: Re: squirrelmail XSS issues in bug tracker since 2016 On Wed, 27 Jun 2018 12:26:09 +0200 Hanno Böck <hanno@...eck.de> wrote: > PoC1: I couldn't reproduce it (either it's fixed or the browser > behavior changed, I haven't verified in-depth). Ok, sorry for sending so many mails, but this actually works, too. Must have done something wrong first time I tried it. (having a white rectangle to click on is maybe not the best poc.) -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@...eck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ