Project

General

Profile

Security #40

multiple attack vectors [reported by Marek Alaksa from citadelo]

Added by Manuela over 5 years ago.

Status:
Done
Priority:
Dringend
Assignee:
Target version:
-
Start date:
2017-03-28
Due date:
% Done:

100%

Estimated time:

Description

The 3rd component idna_convert (include/idna_convert/example.php) is vulnerable to Reflected Cross-site scripting because it fails to properly sanitize user-supplied input.

http://www.citadelo.com/

(endusers also can delete the example.com. This file is needed only to fullfill the license by distributing.)

Also available in: Atom PDF