summaryrefslogtreecommitdiffstats
path: root/extensions/Voting/template/en/default/hook
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2011-01-24 19:29:39 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2011-01-24 19:29:39 +0100
commit9244270a7d1ca49e315a98c24d51bf405bfa2880 (patch)
tree46587cdf26360fd54abb79986d11c8b9234e4fe0 /extensions/Voting/template/en/default/hook
parent38eeecf6362b6dc17718c84a35dbbaea7cc15ccd (diff)
downloadbugzilla-9244270a7d1ca49e315a98c24d51bf405bfa2880.tar.gz
bugzilla-9244270a7d1ca49e315a98c24d51bf405bfa2880.tar.xz
Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace
and Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs r=dkl a=LpSolit
Diffstat (limited to 'extensions/Voting/template/en/default/hook')
0 files changed, 0 insertions, 0 deletions