View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
08437 | Bug reports | Security | public | 2013-12-09 11:57 | 2013-12-09 15:22 |
Reporter | mas_carpone | Assigned To | c_schmitz | ||
Priority | normal | Severity | minor | ||
Status | closed | Resolution | fixed | ||
Product Version | 2.00+ | ||||
Fixed in Version | 2.05+ | ||||
Summary | 08437: Failed Security Test due to old (unsafe?) version of jQuery | ||||
Description | Dear all, Not sure about the severuty and priority for this. For us it is an issue because the failed security teste impeds us to move to the new version. Here are th details: Description Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user. Recommendation | ||||
Tags | No tags attached. | ||||
Bug heat | 252 | ||||
Complete LimeSurvey version number (& build) | Version 2.00+ Build 131022 | ||||
I will donate to the project if issue is resolved | No | ||||
Browser | |||||
Database type & version | N/A | ||||
Server OS (if known) | N/A | ||||
Webserver software & version (if known) | N/A | ||||
PHP Version | N/A | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2013-12-09 11:57 | mas_carpone | New Issue | |
2013-12-09 15:22 | c_schmitz | Note Added: 27526 | |
2013-12-09 15:22 | c_schmitz | Status | new => resolved |
2013-12-09 15:22 | c_schmitz | Fixed in Version | => 2.05+ |
2013-12-09 15:22 | c_schmitz | Resolution | open => fixed |
2013-12-09 15:22 | c_schmitz | Assigned To | => c_schmitz |
2013-12-09 15:22 | c_schmitz | Status | resolved => closed |