Changes between Initial Version and Version 1 of Ticket #25422, comment 2
- Timestamp:
- 09/27/2013 09:16:48 AM (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #25422, comment 2
initial v1 1 See [15521] and [15662]. The former was security hardening in 3.0.2. Possible XSS (but only if you could delete plugins, which implies you can arbitrarily execute PHP anyway). I don't remember the exact vector and am having trouble locating details, but it shouldn't be hard to figure out.1 See [15521] and #15662. The former was security hardening in 3.0.2. Possible XSS (but only if you could delete plugins, which implies you can arbitrarily execute PHP anyway). I don't remember the exact vector and am having trouble locating details, but it shouldn't be hard to figure out.