projects / squirrelmail.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ba6d2a9) | patch
Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and...
authorpdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Tue, 12 Jul 2011 04:45:49 +0000 (04:45 +0000)
committerpdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Tue, 12 Jul 2011 04:45:49 +0000 (04:45 +0000)
commitce102fcc55bdbde46a6ecd8897c0df0567f19610
tree26ff27fbc203304429d27ad3990ced47af9ad0fftree | snapshot (zip tar.gz)
parentba6d2a963accba3b98fff1d9acb5f1626705d832commit | diff
Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and added anti-CSRF protection to the empty trash feature (thanks to Nicholas Carlini for finding all these issues) [CVE-2010-4555]

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14120 7612ce4b-ef26-0410-bec9-ea0150e637f0
doc/ChangeLog diff | blob | blame | history
functions/options.php diff | blob | blame | history
plugins/squirrelspell/modules/check_me.mod diff | blob | blame | history
src/empty_trash.php diff | blob | blame | history
templates/default/left_main.tpl diff | blob | blame | history
templates/default_advanced/left_main.tpl diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.