HNS MAIN FEED
Saturday, 05:12 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
Eclipse BIRT "run?__report" Parameter Cross-Site Scripting
03 November 2009
Eclipse BIRT (Business Intelligence and Reporting Tools) is a report plugin for the Eclipse IDE. The application is exposed to a cross-site scripting issue because it fails to sufficiently sanitize user-supplied input to the "run?__report" parameter. Eclipse BIRT verison 2.2.1 is affected by this issue.
Ref: http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss/ http://bugs.eclipse.org/bugs/show_bug.cgi?id=259127
09.44.67 - CVE: Not Available
Platform: Web Application - Cross Site Scripting
Ref: http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss/ http://bugs.eclipse.org/bugs/show_bug.cgi?id=259127
09.44.67 - CVE: Not Available
Platform: Web Application - Cross Site Scripting