Re: XSS in Solr admin interface

2008-06-20 Thread Nicob
Le jeudi 19 juin 2008 à 19:21 -0700, Mike Klaas a écrit : Fixed in r669766. I checked the patch and it's correctly patching this XSS. Thanks to the dev team ! Regards, Nicob

Re: XSS in Solr admin interface

2008-06-20 Thread Mike Klaas
On 19-Jun-08, at 11:17 PM, Nicob wrote: Le jeudi 19 juin 2008 à 19:21 -0700, Mike Klaas a écrit : Fixed in r669766. I checked the patch and it's correctly patching this XSS. Thanks to the dev team ! Thanks for the report! -Mike

XSS in Solr admin interface

2008-06-19 Thread Nicob
Hi, while testing the Solr search engine, I found a XSS vulnerability in its administration interface. I wrote to [EMAIL PROTECTED], but I wonder if this list could be a better place to find a security contact of the Solr project. Regards, Nicob

Re: XSS in Solr admin interface

2008-06-19 Thread Yonik Seeley
On Thu, Jun 19, 2008 at 7:42 PM, Nicob [EMAIL PROTECTED] wrote: while testing the Solr search engine, I found a XSS vulnerability in its administration interface. I wrote to [EMAIL PROTECTED], but I wonder if this list could be a better place to find a security contact of the Solr project.

Re: XSS in Solr admin interface

2008-06-19 Thread Mike Klaas
On 19-Jun-08, at 5:47 PM, Yonik Seeley wrote: On Thu, Jun 19, 2008 at 7:42 PM, Nicob [EMAIL PROTECTED] wrote: while testing the Solr search engine, I found a XSS vulnerability in its administration interface. I wrote to [EMAIL PROTECTED], but I wonder if this list could be a better place