Donations
News
About
Support
Security
Screen shots
Download
Plugins
Documentation
Sponsors
Bounties
Junk Email Filter
|
Security
Possible XSS in MagicHTML (IE only)
- Date:
- 2006-02-10
- Description:
- The MagicHTML filter for incoming HTML email did not correctly disregard comments (/* */) inserted in style sheets ("u/* */rl"). It also accepted "u\rl" as "url" in styles. These allow a malicious user to break the privacy of the user by having them request an item from a remote site when reading the mail. This happens only in browsers that parse this invalid style, only one known is Internet Explorer.
- Affected Versions:
- <= 1.4.5
- Register Globals:
- Register_globals does not have to be on for this issue.
- CVE ID(s):
- CVE-2006-0195
- Patch:
- view patch
- Credits:
- These issues were discovered by Martijn Brinkers and Scott Hughes.
- This page last updated:
- 2007-07-03 12:59:23
|