Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 17 Dec 2015 03:38:04 +0000
From: CSW Research Lab <disclose@...ersecurityworks.com>
To: "cve-assign@...re.org" <cve-assign@...re.org>, 
	"oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: Cross site scripting vulnerability (XSS) in
 SilverStripe CMS & Framework v3.2.0

Hi all

can you please assign cve for this issue ?

http://www.silverstripe.org/download/security-releases/ss-2015-026

Proof of Concept URL:
=================
[+]
http://localhost/Silverstripe/admin/security/EditForm/field/Members/item/new/ItemEditForm/


Parameter
==============
[+] Locale
[+] FailedLoginCount

Credits & Authors
======================
Arjun Basnet from Cyber Security Works Pvt. Ltd. (
http://cybersecurityworks.com)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ