Date: Thu, 24 Jul 2014 20:59:19 +0200 From: Adan Alvarez <adan.alvarez.90@...il.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Duplicated CVE - Cacti XSS Hello, I requested a CVE to mitre three days ago because of the security bug I found: http://bugs.cacti.net/view.php?id=2456 CVE-2014-5043. Unfortunately, there are currently two CVE assigned to this security issue: CVE-2014-5025 and CVE-2014-5026. So I don't know what should I do. On the other hand, I just discovered another XSS vulnerability that is not solved by the current patch. Here you have the details to reproduce it: Create a new user or edit an existing one with the following Full Name: [XSS] Then go to System Utilities - View User Log, and if the user has logged in you will see a popup with the text "XSS". Maybe the CVE-2014-5043 can by used to identify this last discovery. Regards, Adan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ