Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 6 Feb 2016 18:46:13 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: CVE Request: Horde: Two cross-site scripting vulnerabilities

Hi

Can you assing two CVEs for those two vulnerabilities in the Horde
groupware:

1/ Cross-site scripting in XSS in Horde_Core_VarRenderer_Html:
--------------------------------------------------------------

Upstream commit:
https://github.com/horde/horde/commit/11d74fa5a22fe626c5e5a010b703cd46a136f253

Debian Bug:
https://bugs.debian.org/813590

2/ Reflected cross-site scripting
---------------------------------

Upstream bug:
https://bugs.horde.org/ticket/14213

Upstream commit:
https://github.com/horde/horde/commit/f03301cf6edcca57121a15e80014c4d0f29d99a0

Debian Bug:
https://bugs.debian.org/813573


Many thanks in advance,

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ