[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-help-public] [sr #107136] Javascript tracker redirection
|
From: |
Nicodemo Alvaro |
|
Subject: |
[Savannah-help-public] [sr #107136] Javascript tracker redirection |
|
Date: |
Thu, 19 Nov 2009 20:46:35 +0000 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.14) Gecko/2009090216 |
URL:
<http://savannah.gnu.org/support/?107136>
Summary: Javascript tracker redirection
Project: Savannah Administration
Submitted by: nicalvaro
Submitted on: Thu 19 Nov 2009 03:46:33 PM EST
Category: Trackers (bugs, support, tasks...)
Priority: 5 - Normal
Severity: 4 - Important
Status: Works For Me
Assigned to: None
Originator Email:
Operating System: None
Open/Closed: Open
Discussion Lock: Any
_______________________________________________________
Details:
A spammer can trick users into following a URL by uploading a javascript
attachment to the trackers. It has happened a few times so far and someone
complained about it on November 12 in #savannah.
Just to be sure if it a having a file extension matters or not, I uploaded 2
versions with the same script. If it works correctly you will be redirected to
google.com .
javascript-test.js and javascript-test
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Thu 19 Nov 2009 03:46:34 PM EST Name: javascript-test Size: 94B By:
nicalvaro
<http://savannah.gnu.org/support/download.php?file_id=19083>
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107136>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [Savannah-help-public] [sr #107136] Javascript tracker redirection,
Nicodemo Alvaro <=