Ticket #796 (assigned defect)

Opened 3 months ago

Last modified 2 months ago

link to js file may reference all the way to C:\ on IIS-based systems

Reported by: fergbrain Assigned to: fergbrain (accepted)
Priority: normal Component: countdown-timer
Severity: critical Keywords: security
Cc:

Description

For example:

http://ypsinews.com/C:\websites\217\example.com\wp-content\plugins\countdown-timer/fergcorp_countdownTimer_java.js

Also, revealing the location of the directory probably poses a security risk!

Change History

03/24/08 05:55:26 changed by fergbrain

  • status changed from new to assigned.

04/27/08 05:57:24 changed by fergbrain

filed patch, we'll see if it works.