View ProjeQtOr On SourceForge.net
ProjeQtOr - Project Management Tool
Support us on Capterra
OIN - Open Invention Network
ProjeQtOr free project management software - Cross site scripting issue during installation - ProjeQtOr
 

Cross site scripting issue during installation

More
18 Jul 2024 21:02 #1 by berthelemy
Bonjour / Hi,

I'm installing on a shared hosting site (PlanetHoster). The firewall there prevented me from saving the configuration file. I could only proceed by switching off the rule that was being invoked (see below)

Am I safe to continue with this firewall rule switched off?

Merci,

Mark

Firewall report

ID : 341256Severity: CRITICALLabel : -info : Atomicorp.com WAF Rules: Possible Cross Site Scripting attack (detectXSS)message : Access denied with code 403 (phase 2). detected XSS using libinjection.Request InfoDate : 18/07/2024, 20:50 GMT+2HTTP method: POSTClient IP: 89.91.136.172Port: 2080Protocol: HTTP/1.1Uri: /tool/configCheck.php?destinationWidth=1038&destinationHeight=82.5&isIE=&xhrPostDestination=configResultDiv&xhrPostIsResultMessage=false&xhrPostValidationType=&xhrPostTimestamp=1721328614008&csrfToken=Response status : 403

Please Log in or Create an account to join the conversation.

More
19 Jul 2024 18:53 #2 by babynus
This question is out of ProjeQtOr scope.
Please ask your web hoster.

Babynus
Administrator of ProjeQtOr web site

Please Log in or Create an account to join the conversation.

More
22 Jul 2024 16:56 #3 by berthelemy
Thanks. I will.

I was more concerned about why Projeqtor was triggering the XSS warning?

Please Log in or Create an account to join the conversation.

More
23 Jul 2024 10:37 #4 by babynus
Possibly the install process for your hosted server is looking like a XSS attack.
If your hoster uses control interface such as CPanle, you may use Softaculous image of ProjeQtOr to install it fluently.

Babynus
Administrator of ProjeQtOr web site
The following user(s) said Thank You: berthelemy

Please Log in or Create an account to join the conversation.

Moderators: babynusprotion
Time to create page: 0.034 seconds

Cookies settings

×

Functional Cookies

Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.

Session

Please login to see yours activities!

Other cookies

Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.