Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 15 Sep 2016 01:41:01 -0400 (EDT)
From: cve-assign@...re.org
To: chenruiqi@....cn
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: XSS vulns in b2evolution v6.7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> forum with some evil code
> https://github.com/b2evolution/b2evolution/commit/9a4ab85439d1b838ee7b8eeebbf59174bb787811

Use CVE-2016-7149.


> Edit the "Short site name"
> https://github.com/b2evolution/b2evolution/commit/dd975fff7fce81bf12f9c59edb1a99475747c83c

Use CVE-2016-7150.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX2jQYAAoJEHb/MwWLVhi2uiIP/2drloezwZ44oHZCA4fFelrs
IQxqLq8IISpHE+EMLJL2fr+9+Etjkte+D1gD0IhUSwM8gBLT5l0QoKJKQG5shpmH
uzCvz8lebBIEs+MExRDNg/yaN8L15u/Fw/CHwP6axSZK0WId0cJh8aIJ7vXHTecl
iyFBiUT/bQo+EqTnzIWfDOyiAx+0xoGJUd8URQCroJGf0j4ZwmeOPjdy0NdGDavR
p+DY4A18FENakMUpLx5hFGudCQCCoLk648lKsVfSqq9gDKrDiUSOmvNMBn6n80Vs
q3YhFfbr4hGo4Degw6HBRJyOShzr/UpuYsYuEEut2g3DRVX8vCtNv04D6yA0ChUj
dylwLceHC+D5lXdQEayNUtKuKrDQCR/MqzFfS6DRCghbBnObt3mdxuoSivxLX5gN
fASKsXcPe+n9SVTJya/RG6svo0rxJD6oa0h3QQinE3bDF4+uQ10A6IpsFdzVDRew
VtSCAzVktXMG+qU+ld2F/iu7ArLmvCtsu/Sxs1EP/iJKIkkIFkOiEOXLBU+Ye0kt
fCmXRI2SKReJgv67KvXZJxA7t+p+9++gaHOUpcrvHESv8HiFs+swBMwLmCSLxHYv
pqbwfpQ46+tj7MkW6D/+irj2fdgOjiStxq+7o/Mwd2uh5oEo3LFKnP4ciz0ajSUT
B3LOjIAhuRfXD4XkcDlX
=4IsD
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ