Date: Tue, 7 Sep 2010 13:29:24 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE request: XSS in nusoap Please use CVE-2010-3070 Thanks. -- JB ----- "Raphael Geissert" <geissert@...ian.org> wrote: > Hi, > > A XSS vulnerability has been reported against the nusoap PHP library > caused > by insufficient sanitation of untrusted data ($_SERVER['PHP_SELF']) -- > > CWE-79. > > Original report against mantisbt: > http://www.mantisbt.org/bugs/view.php?id=12312 > > Report against nusoap (and further references): > http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005 > > The fixes proposed by David Hicks (from mantisbt) add escaping to > some > other variables, but I haven't verified if they are actually > exploitable (if > that's so, the patch might need to pass the charset to htmlentities > too.) > > http://git.mantisbt.org/?p=mantisbt.git;a=commit;h=edb817991b99cd5538f102be26865fde7c6b7212 > > Could a CVE id be assigned? > > Thanks, > -- > Raphael Geissert - Debian Developer > www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ