Date: Sat, 17 Jan 2015 12:15:41 +0100 From: Francisco Alonso <rs@...skills.cz> To: oss-security@...ts.openwall.com Subject: Re: CVE request: Reflected XSS / Content Spoofing in FlexPaper Hi, Any update about this? On Tue, Jan 6, 2015 at 9:45 PM, Francisco Alonso <rs@...skills.cz> wrote: > Hello, > > Can a CVE please be assigned to the following issue: > > FlexPaper Flash viewer Reflected XSS and Content Spoofing via Swfile > parameter in FlexPaperViewer.swf file. > > Fixed via FlexPaper 2.3.1 Release. > > References: > http://blog.flexpaper.org/post/105984224083/flexpaper-2-3-1-release-notes > https://code.google.com/p/flexpaper/ > http://www.theregister.co.uk/2014/12/23/wikileaks_pdf_viewer_vuln/ > > http://www.pcworld.com/article/2862812/flaw-in-opensource-pdf-viewer-could-put-wikileaks-users-others-at-risk.html > > Thanks, > -- Francisco Alonso. http://twitter.com/revskills PGP: 0xE2E64DCA --
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ