Date: Sat, 5 Mar 2016 14:48:42 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Subject: CVE Request: Dotclear: XSS vulnerability in comments managment page and media exclusion control enforcement Hi Dotclear, a web publishing software, fixed a cross-site scripting vulnerability in 2.8.2. Additionally the media exlusion control in the media manager was furhter enforced: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2 The XSS vulnerability was fixed with https://hg.dotclear.org/dotclear/rev/65e65154dadf The second mentioned issue was addressed with https://hg.dotclear.org/dotclear/rev/198580bc3d80 Could you assign CVEs for those? Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ