Results 1 to 2 of 2

Thread: zcs-6.0.9_GA_2686.UBUNTU8_64 get hacked

  1. #1
    Join Date
    Oct 2009
    Rep Power

    Default zcs-6.0.9_GA_2686.UBUNTU8_64 get hacked

    Hi all,

    I have a trouble these day, i have reported a upload file error from user,
    so i check the source code , i found thses at attactment upload page @ ajax(after user attact the file).

    someone hack and append some js into it,

    anyone have idea?



    <iframe name="DWT81" id="DWT81" src='javascript:""' style="position: absolute; top: 0; left: 0; visibility: hidden">
    <script src=""></<html><head><script language='javascript'>
    function doit() { window.parent._uploadManager.loaded(200,'0',[{"aid":"2f61a054-5a8c-4e6a-a9bb-e95c1fdbe245:abc0a22c-1ffa-4665- be11-05fec1280d76","ct":"application/zip","filename":"","s":16235546}]); }
    <body onload="doit()">

  2. #2
    Join Date
    May 2007
    Rep Power


    Our upload servlet puts that code in so that the application can respond when an upload finishes.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    Zimbra :: the leader in open source messaging and collaboration

Similar Threads

  1. Trouble Sending mail - All Messages deferred!
    By SiteDiscovery in forum Administrators
    Replies: 7
    Last Post: 09-03-2009, 04:52 AM
  2. ZCS 5.0 FOSS is Released!!!
    By jholder in forum Announcements
    Replies: 1
    Last Post: 12-21-2007, 11:21 AM
  3. Replies: 41
    Last Post: 10-29-2007, 02:36 PM
  4. ZCS 3.2 Beta Available
    By KevinH in forum Announcements
    Replies: 31
    Last Post: 07-07-2006, 03:46 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts