Security - XSS JavaScript and SQL injection in Mailman, Postorius and Hyperkitty
Feb. 5, 2015
10:22 p.m.
Does the code of Mailman 3, Hyperkitty and Postorius do anything to address concerns around SQL and JavaScript injections, either from inbound emails or via the fields coming in via web interface or REST API?
thanks
February 2015
11:18 p.m.
New subject: Security - XSS JavaScript and SQL injection in Mailman, Postorius and Hyperkitty
On Feb 06, 2015, at 09:22 AM, Andrew Stuart wrote:
The core does not. It doesn't expose a public web or REST interface.
I'm not aware of any email command vulnerabilities.
Cheers, -Barry
February 2015
11:18 p.m.
New subject: Security - XSS JavaScript and SQL injection in Mailman, Postorius and Hyperkitty
On Feb 06, 2015, at 09:22 AM, Andrew Stuart wrote:
The core does not. It doesn't expose a public web or REST interface.
I'm not aware of any email command vulnerabilities.
Cheers, -Barry
3695
Age (days ago)
3695
Last active (days ago)
1 comments
2 participants
participants (2)
-
Andrew Stuart -
Barry Warsaw