View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006010 | SOGo | Web Preferences | public | 2024-08-20 00:04 | 2024-09-12 06:58 |
| Reporter | julian123 | Assigned To | qhivert | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | duplicate | ||
| Platform | [Server] Linux | OS | Ubuntu | OS Version | 16.04 LTS |
| Product Version | 5.10.0 | ||||
| Summary | 0006010: Stored-XSS in Reply to Email | ||||
| Description | A cross-site scripting payload can be stored in the IMAP account full name and signature fields, leading to execution when the user navigates to their inbox. | ||||
| Steps To Reproduce |
| ||||
| Tags | Security | ||||
| related to | 0006009 | closed | qhivert | Stored-XSS in Vacation Auto-Reply |
| related to | 0006008 | closed | qhivert | Stored-XSS in Mail Filters Field |
| related to | 0006007 | closed | qhivert | Stored-XSS in Mail Labels Field |
| related to | 0006006 | closed | qhivert | Calendar Categories Stored-XSS |
| related to | 0006004 | resolved | qhivert | Stored-XSS in Contacts Category Fields |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-08-20 00:04 | julian123 | New Issue | |
| 2024-08-20 00:04 | julian123 | Tag Attached: Security | |
| 2024-08-20 14:07 | qhivert | Relationship added | related to 0006009 |
| 2024-08-20 14:07 | qhivert | Relationship added | related to 0006008 |
| 2024-08-20 14:08 | qhivert | Relationship added | related to 0006007 |
| 2024-08-20 14:08 | qhivert | Relationship added | related to 0006006 |
| 2024-08-20 14:08 | qhivert | Relationship added | related to 0006004 |
| 2024-09-12 06:58 | qhivert | Assigned To | => qhivert |
| 2024-09-12 06:58 | qhivert | Status | new => closed |
| 2024-09-12 06:58 | qhivert | Resolution | open => duplicate |
