potential XSS exploit
Bug #297829 reported by
tron
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Pidgin-WebKit |
New
|
Critical
|
Simo Mattila |
Bug Description
Pasting the following in a conversation:
<iframe src="[url]" marginwidth="0" marginheight="0" width="468" height="60" frameborder="0" style="
Redirects the recipient and the sender to [url] without confirmation and prevents new messages from the sender from displaying.
Changed in pidgin-webkit: | |
assignee: | nobody → simom |
importance: | Undecided → Critical |
To post a comment you must log in.
On what protocol this is happening? Because I can't reproduce this on msn or xmpp.