Date: Thu, 17 Dec 2015 03:38:04 +0000 From: CSW Research Lab <disclose@...ersecurityworks.com> To: "cve-assign@...re.org" <cve-assign@...re.org>, "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: Cross site scripting vulnerability (XSS) in SilverStripe CMS & Framework v3.2.0 Hi all can you please assign cve for this issue ? http://www.silverstripe.org/download/security-releases/ss-2015-026 Proof of Concept URL: ================= [+] http://localhost/Silverstripe/admin/security/EditForm/field/Members/item/new/ItemEditForm/ Parameter ============== [+] Locale [+] FailedLoginCount Credits & Authors ====================== Arjun Basnet from Cyber Security Works Pvt. Ltd. ( http://cybersecurityworks.com)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ