|
|
OF-1022
|
OF-942
Reflected XSS vulnerability in muc-room-edit-form.jsp params in Admin Console
|
Dave Cridland
|
Tim Durden (Inactive)
|
|
Closed |
Fixed
|
|
|
|
|
|
OF-1019
|
OF-942
Admin Cross Site Scripting (XSS) Vulnerabilities
|
Dave Cridland
|
Tim Durden (Inactive)
|
|
Resolved |
Fixed
|
|
|
|
|
|
OF-1018
|
OF-942
The โaliasโ field on the Trust Store Import Form permits entry of JavaScript
|
Dave Cridland
|
Tim Durden (Inactive)
|
|
Resolved |
Fixed
|
|
|
|
|
|
OF-997
|
OF-942
Admin Console: Frameable Response (potential Clickjacking)
|
Dave Cridland
|
Tim Durden (Inactive)
|
|
Resolved |
Fixed
|
|
|
|
|
|
OF-941
|
OF-942
CVE-2015-7707 Admin Console Privilege Escalation Vulnerability
|
Dave Cridland
|
wroot
|
|
Closed |
Fixed
|
|
|
|
|
|
OF-845
|
OF-942
XSS vulnerability in Monitoring Service pages in Admin Console
|
Tom Evans
|
wroot
|
|
Resolved |
Fixed
|
|
|
|
|
|
OF-836
|
OF-942
Multiple Reflected XSS Vulnerabilities in Admin Console
|
Dave Cridland
|
Dave Cridland
|
|
Resolved |
Fixed
|
|
|
|
|
|
OF-834
|
OF-942
Admin console login.jsp allows redirects to non-local URIs
|
Dave Cridland
|
Daryl Herzmann
|
|
Closed |
Fixed
|
|
|
|
|
|
OF-777
|
OF-942
Admin Console Cross Site Request Forgery (CSRF) Vulnerability
|
Dave Cridland
|
wroot
|
|
Resolved |
Fixed
|
|
|
|