Bug #2042

Security Problem - root_doc computation

Added by tsmr about 4 years ago. Updated about 4 years ago.

Status:Closed Start date:02/18/2010
Priority:Normal Due date:
Assignee:moyo % Done:


Target version:0.72.4


Nikto report

OSVDB-0: GET //index.php/\"><script><script>alert(document.cookie)</script>< : eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.

Example :


Related issues

related to GLPI-PROJECT - Bug #2043: Security : clean $_SERVER['PHP_SELF'] REQUEST_URI... Closed 02/18/2010


Updated by moyo about 4 years ago

  • Status changed from New to Closed
  • Assignee set to moyo
  • Target version changed from 0.78 to 0.72.4

Updated by moyo about 4 years ago

  • Tracker changed from Task to Bug

Also available in: Atom PDF