Infected security page?
Dagobert Michelsen
dam at opencsw.org
Sun Oct 16 13:34:03 CEST 2016
Hi Juraj,
Am 16.10.2016 um 11:31 schrieb wilbury at opencsw.org:
> one user on IRC reported that there is some javascript being injected from our security page (https://www.opencsw.org/security/)
>
> The javascript reads:
>
> <a href="http://www.jolietta.com/">jolietta online casino</a></div><script type="text/javascript">document.getElementById("8e4b83".split("").reverse().join("")).style.display = "none"</script>
>
> It’s visible in source code, but not displayed with javascript enabled.
>
> Can someone please take a look? I don’t seem to have access to www (if I should have, just drop me a note.)
I removed the snippet, it looks like it was done by incection of Trygve account:
For now I also demoted all „old“ maintainer accounts in Mantis.
Best regards
— Dago
--
"You don't become great by trying to be great, you become great by wanting to do something,
and then doing it so hard that you become great in the process." - xkcd #896
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.opencsw.org/pipermail/maintainers/attachments/20161016/62028952/attachment.asc>
More information about the maintainers
mailing list