General

Profile

Franz G. Jahn

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 0 4 4

Activity

2014-05-30

15:38 TYPO3 Core Task #59233 (Closed): Do not transfer content of fields with eval=password
When you edit an arbitrary record with a password field, the content of the password field (as stored in the database... Franz G. Jahn

2013-12-10

10:55 TYPO3 Core Revision fdd3d3f1: [SECURITY] Prevent editor controlled hmac content
An hmac of the editor controlled auto respond message was used to verifiy
the correctness of this message on submit. ... Franz G. Jahn
10:54 TYPO3 Core Revision 2d29894a: [SECURITY] Prevent editor controlled hmac content
An hmac of the editor controlled auto respond message was used to verifiy
the correctness of this message on submit. ... Franz G. Jahn
10:53 TYPO3 Core Revision 1cbe889f: [SECURITY] Prevent editor controlled hmac content
An hmac of the editor controlled auto respond message was used to verifiy
the correctness of this message on submit. ... Franz G. Jahn
10:52 TYPO3 Core Revision efa9e0b6: [SECURITY] Prevent editor controlled hmac content
An hmac of the editor controlled auto respond message was used to verifiy
the correctness of this message on submit. ... Franz G. Jahn
10:51 TYPO3 Core Revision 52d3bff4: [SECURITY] Prevent editor controlled hmac content
An hmac of the editor controlled auto respond message was used to verifiy
the correctness of this message on submit. ... Franz G. Jahn

2013-06-04

14:43 TYPO3 Core Bug #18534: The cache of pages which include content from another one is not emptied automatically when source content is edited
I had the same problem with TYPO3 4.5.25. Franz G. Jahn

2013-05-31

12:09 TYPO3 Core Bug #48692 (Closed): Properly escape data in PermissionAjaxController
* /typo3/ajax.php in parameter Page and who (not easily exploitable as
the referer is checked, but still vulnerable ... Franz G. Jahn

2013-03-06

11:49 TYPO3 Core Revision 62a17a28: [SECURITY] Open redirection with jumpurl
jumpurl allows redirect to any given URL. A hash on the url
is now required to know if the jumpurl has been created
b... Franz G. Jahn
11:49 TYPO3 Core Revision c6f0f435: [SECURITY] Open redirection with jumpurl
jumpurl allows redirect to any given URL. A hash on the url
is now required to know if the jumpurl has been created
b... Franz G. Jahn

Also available in: Atom