[3.11] squid: XSS via user_name or auth parameter in cachemgr.cgi (CVE-2019-13345)
The cachemgr.cgi web module of Squid through 4.7 has
XSS via the user_name or auth parameter.
(from redmine: issue id 10665, created on 2019-07-09)
- parent #10664 (closed)
- Revision 1bd365a6 by Natanael Copa on 2019-07-11T16:35:18Z:
main/squid: upgrade to 4.8 fixes #10665
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information