Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 14 Aug 2014 00:57:36 -0400
From: Andrew Nacin <>
Cc: Open Source Security <>
Subject: Re: WordPress 3.9.2 release - needs CVE's

On Wed, Aug 13, 2014 at 1:47 AM, <> wrote:
>  > XSS:
> We think this can have a CVE ID only if it allows privilege escalation
> from Administrator to Super Admin in a Multisite installation. Does
> it? (On other installations, Administrator has the unfiltered_html
> capability.)


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ