Date: Sun, 1 Sep 2013 07:01:55 +0200 From: Hanno Böck <hanno@...eck.de> To: Open Source Security <oss-security@...ts.openwall.com> Subject: CVE request: serendipity before 1.7.3 XSS Serendipity blog software contains an XSS in the shipped htmlarea-code for spell checking. Vulnerability report: http://osvdb.org/87395 Upstream confirmation: http://blog.s9y.org/archives/250-Serendipity-1.7.3-released.html Git commit: https://github.com/s9y/Serendipity/commit/d7dbe7757371c7f25a39463d1b924604785ae475 Please assign CVE. cu, -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ