Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 1:07 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 
Author Message
PostPosted: Tue Aug 03, 2010 12:29 am 
Offline
Newbie

Joined: Tue Aug 03, 2010 12:17 am
Posts: 1
Hey all-

I have just rolled out OA throughout my domain. I have compared the product against a few alternatives, and found OA to suit my needs perfectly. I have a couple issues where some systems do not report everyday(through logon/single system), but as i do not need *extremely* timely information, it is not a worry. The OA product is excellent! I Can't wait for the next version!

Anyhow, during my implementation, i had researched some of the vulns for the project and found some cross site scripting issues.

[url]http://www.gardienvirtuel.ca/wp-content/uploads/2010/05/GVI-2010-02-EN.txt
[/url]

I was wondering if the project has already been patched to fix the issues or if the code was being rewritten for v2?

thanks,

sideone.


Top
 Profile  
Reply with quote  
PostPosted: Sun Oct 03, 2010 3:51 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
This vuln does not exist in OAv2.

As far as a cross site scripting vuln, as Open-AudIT is NOT designed to be deployed on the Internet, I consider this quite insignificant. Again - Open-AudIT is NOT designed to be exposed to the Internet.
I am not working on code for Open-AudIT anymore, however some of the other Developers are. They may have integrated this patch, I'm not sure.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group