Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 1 Apr 2014 06:52:08 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Shaarli: Several XSS in index.php

Hi

Multiple cross-site scripting vulnerabilities were reported in
Shaarli, which can be found in upstream issue[1].

 [1] https://github.com/sebsauvage/Shaarli/issues/134

The issues were fixed upstream by commit
53da201749f8f362323ef278bf338f1d9f7a925a [2].

 [2] https://github.com/sebsauvage/Shaarli/commit/53da201749f8f362323ef278bf338f1d9f7a925a

Could a CVE be assigned for this flaw? (One is sufficient, as it is one
reporter and one affected file?).

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ