Roundup Tracker - Issues

Message4915

Author iwontbecreative
Recipients iwontbecreative
Date 2013-07-16.16:28:52
Message-id <1373992133.4.0.162526295526.issue2550817@psf.upfronthosting.co.za>
In-reply-to 
Original report at : 
http://psf.upfronthosting.co.za/roundup/meta/issue519 about the python 
modifier roundup bugtracker.

This post : http://mail.python.org/pipermail/python-committers/2013-
July/002606.html seems to highlight that this is a roundup security 
issue while this confirms it : http://issues.roundup-tracker.org/user?
@sort=%3Cscript%3Ealert('XSS')%3C/script%3E%3Ch1%3E

XSS issues allow for many things including stealing session cookies. It 
might be worth to read the entire report on the python meta-tracker 
since it shows another issue closely related (also with the sort 
parameter).

Thibault FĂ©vry
History
Date User Action Args
2013-07-16 16:28:53iwontbecreativesetrecipients: + iwontbecreative
2013-07-16 16:28:53iwontbecreativesetmessageid: <1373992133.4.0.162526295526.issue2550817@psf.upfronthosting.co.za>
2013-07-16 16:28:53iwontbecreativelinkissue2550817 messages
2013-07-16 16:28:52iwontbecreativecreate

Supported by The Python Software Foundation,
Powered by Roundup

Last modified: Fri Feb 28 22:02:04 EST 2020