> as mentioned in http://www.osreviews.net/reviews/comm/awstats, the
> same type of XSS vulnerability also exists with the 'diricons'
> parameter. In this case, Debian is affected, too.

As Eldy already explained (earlier in this bug report), the entire query string is sanitised against XSS by a call to CleanFromCSSA. The osreviews guys noticed that the word "Sanitize" does not surround diricons ("and possibly others as well"), but they failed to notice the cleaning call to CleanFromCSSA.

Eldy, would you mind clarifying for us the distinction between Sanitize and CleanFromCSSA, and explaining why you don't always call Sanitize?

Charles

-- 
No sooner spread
than done
Burma-Shave
http://burma-shave.org/jingles/1939/no_sooner_spread