Date: Fri, 23 Mar 2012 12:48:07 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Henri Salo <henri@...v.fi>
Subject: Re: CVE Request: Geeklog 1.7.1 <= Cross Site Scripting
 Vulnerability

On 03/23/2012 02:56 AM, Henri Salo wrote:
> Original request here: http://seclists.org/oss-sec/2011/q1/547
> 
> http://www.geeklog.net/article.php/geeklog-1.7.1sr1
> http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/20a98e6bab20
> http://yehg.net/lab/pr0js/advisories/[geeklog1.7.1]_cross_site_scripting
> http://osvdb.org/show/osvdb/70245
> http://secunia.com/advisories/42775/
> 
> This might have been left unassigned because of 'admin/configuration.php', but at least Geeklog thinks of this as an important security vulnerability. Needs 2010 identifier, thanks.
> 
> - Henri Salo

Please use CVE-2011-4942 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
