[30310] in bugtraq
PHP Trans SID XSS (Was: New php release with security fixes)
daemon@ATHENA.MIT.EDU (Sverre H. Huseby)
Sun Jun 1 15:07:21 2003
Date: Fri, 30 May 2003 14:41:53 +0200
From: "Sverre H. Huseby" <shh@thathost.com>
To: je@sekure.net
Message-ID: <20030530124153.GC21660@thathost.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.BSO.4.55.0305291531230.6630@birdie.sekure.net>

It also fixes the following, which wasn't mentioned in the summary (or
elsewhere, as far as I can see):

    "Cross-site Scripting in PHP's Transparent Session ID Support"
    http://shh.thathost.com/secadv/2003-05-11-php.txt

Sverre.
--
shh@thathost.com
http://shh.thathost.com/