Uploaded image for project: 'VCL'
  1. VCL
  2. VCL-486

Measures against cross site scripting on the Login form

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.2
    • 2.2.2, 2.3
    • web gui (frontend)

    Description

      The Userid entry on the Login form is vulnerable to cross site scripting. We have prevented exploitation by sanitizing the Userid.

      Attachments

        1. authentication.php
          23 kB
          Toru Yokoyama
        2. authentication.php.diff
          0.7 kB
          Toru Yokoyama

        Activity

          People

            Unassigned Unassigned
            operation-v@ml.itg.hitachi.co.jp Toru Yokoyama
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: