securimage XSS vulnerability

uHotelBooking
Talk and help info about common issues

Moderators: ne_moj, zewa

securimage XSS vulnerability

Postby paragate on Jan 11th, '17, 11:21

Hi
is it possiblible to upgrade securimage to 3.6.4 regarding
"which could allow an attacker to inject arbitrary Javascript code via a crafted URL. Users directed to the malicious URL could have cookies or other sensitive information exposed, or have more dangerous Javascript code executed."

regards
User avatar
paragate
Master
Master
 
Posts: 104
Joined: Nov 13th, '14, 13:04
Location: Denmark, Odense

Re: securimage XSS vulnerability

Postby administrator on Jan 11th, '17, 12:33

Thanks, we'll upgrade this component in the next version.
User avatar
administrator
Site Admin
Site Admin
 
Posts: 5841
Joined: Jan 7th, '09, 23:18


Return to uHotelBooking {ALL}

Who is online

Users browsing this forum: No registered users and 1 guest

cron