Results 1 to 2 of 2

Thread: zcs-6.0.9_GA_2686.UBUNTU8_64 get hacked

  1. #1
    pcfung is offline Starter Member
    Join Date
    Oct 2009
    Rep Power

    Default zcs-6.0.9_GA_2686.UBUNTU8_64 get hacked

    Hi all,

    I have a trouble these day, i have reported a upload file error from user,
    so i check the source code , i found thses at attactment upload page @ ajax(after user attact the file).

    someone hack and append some js into it,

    anyone have idea?



    <iframe name="DWT81" id="DWT81" src='javascript:""' style="position: absolute; top: 0; left: 0; visibility: hidden">
    <script src=""></<html><head><script language='javascript'>
    function doit() { window.parent._uploadManager.loaded(200,'0',[{"aid":"2f61a054-5a8c-4e6a-a9bb-e95c1fdbe245:abc0a22c-1ffa-4665- be11-05fec1280d76","ct":"application/zip","filename":"","s":16235546}]); }
    <body onload="doit()">

  2. #2
    quanah is online now Zimbra Employee
    Join Date
    May 2007
    Rep Power


    Our upload servlet puts that code in so that the application can respond when an upload finishes.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    Zimbra :: the leader in open source messaging and collaboration

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Trouble Sending mail - All Messages deferred!
    By SiteDiscovery in forum Administrators
    Replies: 7
    Last Post: 09-03-2009, 04:52 AM
  2. ZCS 5.0 FOSS is Released!!!
    By jholder in forum Announcements
    Replies: 1
    Last Post: 12-21-2007, 12:21 PM
  3. Replies: 41
    Last Post: 10-29-2007, 02:36 PM
  4. ZCS 3.2 Beta Available
    By KevinH in forum Announcements
    Replies: 31
    Last Post: 07-07-2006, 03:46 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts