- Anonymous
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002369 | SOGo | Web Calendar | public | 2013-07-15 13:56 | 2013-07-16 15:32 |
| Reporter | ispoljaric | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 2.0.6 | ||||
| Fixed in Version | 2.0.7 | ||||
| Summary | 0002369: Persistant XSS via calendar invitation. | ||||
| Description | XSS in location part of the event calendar, trough invitation. | ||||
| Steps To Reproduce | Create a new event with following code(1) as location, and invite a Sogo user. (1) Whatever <script>alert('xss')\;</script> The code gets executed after clicking on calendar event. | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2013-07-15 13:56 | ispoljaric | New Issue | |
| 2013-07-16 15:32 | ludovic | Note Added: 0005749 | |
| 2013-07-16 15:32 | ludovic | Status | new => closed |
| 2013-07-16 15:32 | ludovic | Resolution | open => fixed |
| 2013-07-16 15:32 | ludovic | Fixed in Version | => 2.0.7 |