HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


XSS vulnerability patch for ocPortal - Comments

Login / Search

 [ Join | More ]
 

XSS vulnerability patch for ocPortal

Posted 01 March 2015, 8:44 PM

In February 2015 we had a number of ocPortal XSS vulnerabilities reported to us.

XSS vulnerabilities are a class of security bugs that are basically JavaScript code injection attacks. A malicious hacker submits something with embedded JavaScript code, and then when a user goes and views what was submitted, the JavaScript code runs on their machine. This code can then potentially hijack their browser session, for example getting them to unintentionally delete stuff on the…

Read more


Avatar
Thank you Chris and Dennis.

Avatar
Thanks much!   :thumbs:

XSS vulnerability

Avatar
Thank you Chris & co.

1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: