Re: MODx Installation File XSS Vulnerability

看板Bugtraq作者jason.時間15年前 (2010/07/09 03:01)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串3/3 (看更多)

First, it's not a workaround to remove the install directory after installing MODx; it's a absolute requirement, and there is even a checkbox that will do it for you if PHP has permission to remove the files. Second, no one at or associated with modxcms.com was notified of this in any way, shape or form, on June 16, 2010. How is this a medium severity? This is absolute nonsense, total FUD, and a complete non-issue. You should never leave the install directory in place or you have much bigger problems than XSS injection.

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 jason. 的文章

文章代碼(AID): #1CDY1lQq (Bugtraq)