Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 16 Sep 2010 16:10:27 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE request: mantis before 1.2.3 (XSS)

----- "Kurt Seifried" <kurt@...fried.org> wrote:

> 
> These four have no CVE #:
> - 0012231: [security] XSS vulnerability when uninstalling maliciously
> named plugins (dhx) - resolved.
> - 0012232: [security] Multiple XSS issues with custom field
> enumeration values (dhx) - resolved.
> - 0012234: [security] XSS issues when using custom field String
> values
> (dhx) - resolved.
> - 0012238: [security] XSS in print_all_bug_page_word.php when
> printing
> project and category names (dhx) - resolved.
> 

I'm assigning one ID to all four of these. If someone thinks they should be
split, let me know.

Use CVE-2010-3303

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ