XSS in pgstatus code
Hi Mehdi, Debian WB-Team, debian-ports.org webadmins,
I just came across this XSS in the pgstatus code and though I'd let you
know.
> https://buildd.debian.org/status/architecture.php?a=%3Cscript%3Ealert%28%27Whoops,%20XSS.%27%29%3C/script%3E
> http://buildd.debian-ports.org/status/architecture.php?a=%3Cscript%3Ealert%28%27Whoops,%20XSS.%27%29%3C/script%3E
If possible, please let me know whether and how you will or did already
handle it.
Thanks for keeping things up and running,
Moritz
Reply to: