Cross-site scripting?

Having problems with IHMC CmapServer? Think you have found a bug? Let us know!
Forum rules
Before you post a problem or bug, please be sure you have included the version number of IHMC CmapServer, the operating system and version, the amount of RAM, and any other information that allows us to be able to replicate the problem you are having. (i.e. what were you doing when the problem occur? were you running another program (application) by the time you have the problem?)
Post Reply
rainwadj
Posts: 2
Joined: Thu Oct 29, 2015 3:07 pm

Cross-site scripting?

Post by rainwadj » Thu Oct 29, 2015 3:12 pm

Our information security group has informed me that our Cmap Server, version 5.05, is being hit with a cross-site scripting attack, whereby visitors to a site somewhere else are being redirected through our Cmap Server to some other site or sites, usually some kind of ad site. Has anyone else seen this? Is there a way to plug this hole?

Thanks.

cmapadmin
Site Admin
Posts: 538
Joined: Sat Dec 13, 2008 2:22 pm

Re: Cross-site scripting?

Post by cmapadmin » Fri Oct 30, 2015 10:59 am

First, we recommend that you update the CmapServer to the latest version.

Can you provide more information? Is this being done through the URL resources in the CmapServer? Is your CmapServer open to anybody to save resources?

We haven't had this issue reported earlier.

Post Reply