[aur-dev] [PATCH] Cross-Site Scripting vulnerability
leonharv at unix-ag.uni-kl.de
Sat Oct 2 12:56:06 EDT 2010
While working on a better E-mail validation, i found some cross-site
in the lib/accfuncs.inc. Here is the Patch, witch is fixing this
problem. I hope, that i found
all relevant parts, because I'm not so familiar with this site. You can
try it by your own
by setting a user name or e-mail with a single quote. Like:
I will soon commit a patch for the E-mail validation using this website.
The most is working, except an problem with the double quotes.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
More information about the aur-dev