Cross site scripting on index.php (actually caused by html/index_form.php)

curseknight / phurl

Automatically exported from code.google.com/p/phurl

0 stars 0 forks source link

Cross site scripting on index.php (actually caused by html/index_form.php) #88

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

Repeat of closed vulnerability 
http://code.google.com/p/phurl/issues/detail?id=69

It wasnt fixed
visiting index.php/"><img src=x onerror=alert(1);>

Causes javascript to be ran

Original issue reported on code.google.com by itspa...@gmail.com on 26 Oct 2010 at 1:31

GoogleCodeExporter commented 9 years ago

Original comment by hcblahb...@gmail.com on 26 Oct 2010 at 8:04

Changed state: Fixed-but-not-released

GoogleCodeExporter commented 9 years ago

Original comment by hcblahb...@gmail.com on 28 Oct 2010 at 12:11

Changed state: Fixed