Actions
Defect #13069
closedXSS with images
Status:
Closed
Priority:
High
Assignee:
-
Category:
Accounts / authentication
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Duplicate
Affected version:
Description
If you write in image source address like this: http://www.redmine.org/logout then after image loading user will sigh out.
Sorry for my bad English.
Example: !http://www.redmine.org/logout?a.gif!
Related issues
       Updated by Etienne Massip over 12 years ago
      Updated by Etienne Massip over 12 years ago
      
    
    - Description updated (diff)
- Status changed from New to Closed
- Resolution set to Duplicate
Dupe of #13022 (and not XSS).
Thanks anyway!
Actions