Security #40: multiple attack vectors [reported by Marek Alaksa from citadelo] - WB 2.11.0 - Tracking

Actions

Copy link

Security #40

closed

multiple attack vectors [reported by Marek Alaksa from citadelo]

Added by Anonymous over 7 years ago.

Status:

Done

Priority:

Dringend

Assignee:

Target version:

Start date:

2017-03-28

Due date:

% Done:

100%

Estimated time:

Description

The 3rd component idna_convert (include/idna_convert/example.php) is vulnerable to Reflected Cross-site scripting because it fails to properly sanitize user-supplied input.

http://www.citadelo.com/

(endusers also can delete the example.com. This file is needed only to fullfill the license by distributing.)

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

WB 2.11.0

Security #40

multiple attack vectors [reported by Marek Alaksa from citadelo]