[Phpmyadmin-devel] About phpmyadmin-trk-bugs sourceforge mailing list

Chirayu Chiripal chirayu.chiripal at gmail.com
Thu Jul 10 11:37:25 CEST 2014


I am subscribed to Phpmyadmin-trk-bugs mailing list and receive Digest. In
message digest I noticed something. It is about bug #4486, this bug report
is kept private and when this link [1] is visited it says "Read access
required" but the problem I see here is that if it is private then why I am
getting that bug report message in the digest or am I missing something

[1] : https://sourceforge.net/p/phpmyadmin/bugs/4486

Here is the message in digest:

Message: 5
Date: Wed, 09 Jul 2014 20:00:28 +0000
From: "Marc Delisle" <lem9 at users.sf.net>
Subject: [Phpmyadmin-trk-bugs] [phpmyadmin:bugs] #4486 XSS injection
        due to  unescaped table comment
To: phpmyadmin-trk-bugs at lists.sourceforge.net
        <53bd9f5a485acd507b8dec62.bugs at phpmyadmin.p.sourceforge.net>
Content-Type: text/plain; charset="us-ascii"


** [bugs:#4486] XSS injection due to unescaped table comment**

**Status:** open
**Group:** 4.2.5
**Created:** Wed Jul 09, 2014 08:00 PM UTC by Marc Delisle
**Last Updated:** Wed Jul 09, 2014 08:00 PM UTC
**Owner:** Marc Delisle

Chirayu Chiripal
phpMyAdmin Intern - Google Summer of Code 2014
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20140710/b3104f9f/attachment.html>

More information about the Developers mailing list