Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 14 May 2015 14:56:40 +0200
From: Martin Prpic <>
To: "OSS Security Mailinglist" <>
Subject: Cross-site scripting flaw in AskBot


It was reported to us that certain versions of AskBot are vulnerable to
a cross-site scripting flaw. It is unclear which version fixed this flaw
and what the actual patch was.

Red Hat assigned CVE-2015-3169 to this flaw; Red Hat bug is filed at:

If anyone wants to dig through
and find the root cause and the patch, please post your findings here.


Martin Prpič / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ