Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 May 2015 19:09:49 +0300
From: DaKnOb <daknob.mac@...il.com>
To: OSS Security List <oss-security@...ts.openwall.com>
Cc: cve-assign@...re.org
Subject: Request 2 CVE-IDs for Zeus Voting System

Zeus (https://github.com/grnet/zeus) is a fork of Helios that is actively developed by GRNET (http://www.grnet.gr/) and is considered to be used in Greek Elections (starts with small and rolls out to larger elections). 

Two XSS vulnerabilities that allow JavaScript Execution have been found, one of which has a PoC running JavaScript / Modifying HTML in the voter’s browser during the voting process.

XSS #1 - https://github.com/grnet/zeus/issues/28
XSS #2 - https://github.com/grnet/zeus/issues/29

Thank you,
Antonios A. Chariton

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ