Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 31 Jan 2015 14:31:02 +0200
From: Henri Salo <>
Subject: CVE request: phpbb3 CSRF and CSS injection

Can I get 2 2015 CVEs for phpBB3 vulnerabilities fixed in 3.0.13, thanks.
"CSS Injection via Relative Path Overwrite. Thanks to James Kettle for bringing
this to our attention"
"The ucp_pm_options form key is now properly validated. Thanks to FBNeal and
lampsys who reported this independently."

Henri Salo

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ