Donations
News
About
Support
Security
Screen shots
Download
Plugins
Documentation
Sponsors
Bounties
Junk Email Filter
|
Security
Cross site scripting issues in decrypt_headers.php
- Date:
- 2009-05-09
- Description:
- An issue was fixed wherein input to the contrib/decrypt_headers.php script was not sanitized and allowed arbitrary script execution upon submission of certain values.
- Affected Versions:
- <= 1.4.17
- Register Globals:
- Register_globals does not have to be on for this issue.
- CVE ID(s):
- CVE-2009-1578
- Patch:
- view patch
- Credits:
- Niels Teusink
- This page last updated:
- 2009-05-09 00:00:00
|
