Hi Interesting! Will you create a fix for this?
Regards, // Ola On Fri, Mar 16, 2007 at 08:33:26AM +0100, Lionel Elie Mamane wrote: > Package: imp4 > Version: 4.0.2-1 > Severity: grave > Tags: security > Justification: security hole when package used > > Upstream changelog of new version says: > > This (..) fixes two cross site scripting vulnerabilities. > > Major changes compared to the IMP H3 (4.1.4-RC1) version are: > * Fixed XSS vulnerabilities in the search screen and thread view. > > Sarge may or may not be vulnerable, I haven't checked yet.x > > > _______________________________________________ > pkg-horde-hackers mailing list > [EMAIL PROTECTED] > http://lists.alioth.debian.org/mailman/listinfo/pkg-horde-hackers > -- --------------------- Ola Lundqvist --------------------------- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://opalsys.net/ UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
