Content checks for inline attachments
|Reported by:||thomasb||Owned by:|
Contents of attachments (such as pictures) which are embedded in HTML (multipart/related) messages should be checked before sending them to the client.
This is a XSS vulnerability which exists when using Internet Explorer and is an attack that takes advantage of a bug which exists in the web browser.
Change History (7)
comment:1 Changed 22 months ago by alec
- Component changed from Core functionality to Security issue
- Priority changed from 5 to 3
- Version changed from 0.2.2 to svn-trunk
Changed 19 months ago by Enrico204
comment:5 Changed 18 months ago by thomasb
- Resolution set to fixed
- Status changed from new to closed