DSA-1560 kronolith2 – insufficient input sanitising
“The-0utl4w” discovered that the Kronolith, calendar component for
the Horde Framework, didn’t properly sanitise URL input, leading to
a cross-site scripting vulnerability in the add event screen.
Read the full story: DSA-1560 kronolith2 – insufficient input sanitising: http://www.debian.org/security/2008/dsa-1560
Tags: advisory, Debian, DSA, Security
This entry was posted
on Monday, April 28th, 2008 at 8:16 pm and is filed under Debian Security.
You can follow any responses to this entry through the RSS 2.0 feed.
You can skip to the end and leave a response. Pinging is currently not allowed.