We have moved at community.getvera.com

Author Topic: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.  (Read 7332 times)

Offline guessed

  • Community Beta
  • Master Member
  • ******
  • Posts: 5301
  • Karma: +92/-22
  • Release compat is not a bolted-on afterthought
See public Security Bug http://bugs.micasaverde.com/view.php?id=2627

and the posting:
    http://forum.micasaverde.com/index.php/topic,12443.msg91154.html#msg91154

PS: Note that your copy of Mantis is old, and also has the problem  8)
« Last Edit: November 08, 2012, 12:36:01 pm by guessed »

Offline oTi@

  • Community Beta
  • Master Member
  • ******
  • Posts: 4041
  • Karma: +32/-6
  • UI what ?!
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #1 on: November 09, 2012, 08:30:29 am »
Those XSS security problems will be fixed next week. Thanks for pointing them out.
Dezwaved at the moment...

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #2 on: November 19, 2012, 07:54:16 am »
...and as usual: they were fixed last week. lol
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #3 on: November 24, 2012, 04:35:45 am »
...and another week without fix passes by...
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #4 on: December 02, 2012, 05:52:08 am »
...by the way, another week passed by...
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #5 on: December 10, 2012, 02:10:27 am »
oh you know what, another week without fix passed by...
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline capjay

  • Hero Member
  • *****
  • Posts: 675
  • Karma: +9/-3
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #6 on: December 10, 2012, 08:34:12 am »
oh you know what, another week without fix passed by...

are you using a Vera scene to post the comment on a weekly schedule ? :-)

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #7 on: December 10, 2012, 10:47:07 am »
oh you know what, another week without fix passed by...

are you using a Vera scene to post the comment on a weekly schedule ? :-)

No, but I like the idea! This is gonna take some more posts...
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #8 on: December 16, 2012, 05:27:30 am »
...another week! Security issues clearly have priority @mcv

Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #9 on: December 22, 2012, 07:34:41 am »
...oh, another week...
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #10 on: December 31, 2012, 06:09:26 am »
...one more week, no fix...
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #11 on: January 09, 2013, 03:48:32 am »
forgot to say: another week, no fix!
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #12 on: January 13, 2013, 06:51:51 am »
...one more...
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.

Offline RichardTSchaefer

  • Community Beta
  • Master Member
  • ******
  • Posts: 10091
  • Karma: +764/-143
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #13 on: January 13, 2013, 06:53:30 pm »
Has you forum status changed on just this issue  8)

Offline chixxi

  • Hero Member
  • *****
  • Posts: 1036
  • Karma: +37/-14
Re: Cross-site scripting (XSS) security vulnerability in apps.mios.com site.
« Reply #14 on: January 14, 2013, 07:48:01 am »
Has you forum status changed on just this issue  8)

I wish I could say "NO", but honestly "YES, a little bit".  :'(
Developer of Plugins: Virtual Switch, Variable Container, Popcorn Hour Remote, Vacation Ghost. => PLUGINS HAVE BEEN UNPUBLISHED BY ME.