Note: This web site is only kept up to date for OSG Software
1.2 (VDT 2.0.0). If you are looking for information for the most recent
release, the RPM-based OSG Software 3.0, please see
the OSG documentation web site
VOMRS Security Advisory 2007-08: Cross-Site Scripting
VOMRS is vulnerable to cross-site scripting attacks
This advisory affects the following VDT versions:
VDT versions 1.6.1 through 1.8.0
VOMRS versions up through 1.3.1a contain a cross-site scripting security
vulnerability in the VOMRS code. The vulnerability is due to the user input
not being validated properly. This vulnerability was discovered by
the EGEE Operational Security Coordination Team.
Update your VOMRS installation or get a new installation of VOMRS. Update
instructions are provided on the release notes for the VDT version you
Please contact firstname.lastname@example.org
if you have any questions.