Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 5 Mar 2016 14:48:42 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: CVE Request: Dotclear: XSS vulnerability in comments managment page
 and media exclusion control enforcement

Hi

Dotclear, a web publishing software, fixed a cross-site scripting
vulnerability in 2.8.2. Additionally the media exlusion control in the
media manager was furhter enforced:

https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2

The XSS vulnerability was fixed with 

https://hg.dotclear.org/dotclear/rev/65e65154dadf

The second mentioned issue was addressed with

https://hg.dotclear.org/dotclear/rev/198580bc3d80

Could you assign CVEs for those?

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ