summaryrefslogtreecommitdiff
path: root/source3/libads
diff options
context:
space:
mode:
authorKai Blin <kai@samba.org>2011-07-07 10:03:33 +0200
committerJeremy Allison <jra@samba.org>2011-07-26 22:22:25 +0200
commitdc50cf38c11ad845115bae35d2dc8a7e9c4893ff (patch)
tree221a602705636bd3fe3e8d224e592b4aefe96946 /source3/libads
parent78b54e9ee1d9fa7d3117a0a82db11da3f9ec8223 (diff)
downloadsamba-dc50cf38c11ad845115bae35d2dc8a7e9c4893ff.tar.gz
samba-dc50cf38c11ad845115bae35d2dc8a7e9c4893ff.tar.bz2
samba-dc50cf38c11ad845115bae35d2dc8a7e9c4893ff.zip
s3 swat: Fix possible XSS attack (bug #8289)
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack against SWAT, the Samba Web Administration Tool. The attack uses reflection to insert arbitrary content into the "change password" page. This patch fixes the reflection issue by not printing user-specified content on the website anymore. Signed-off-by: Kai Blin <kai@samba.org>
Diffstat (limited to 'source3/libads')
0 files changed, 0 insertions, 0 deletions