Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 7 Dec 2016 11:29:30 +0800
From: haojun hou <haojunhou@...il.com>
To: oss-security@...ts.openwall.com
Cc: mr@...buckingham.com
Subject: CVE request -BigTree CMS 4.2.13 Extension Form Builder
 Multiple Cross-Site Scripting (XSS)

I reported multiple reflected cross-site scripting vulnerabilities in
BigTree CMS Extension Form Builder several days ago. Please assign CVEs if
you think they are suitable for identifiers.Thanks.

Affected version: BigTree CMS 4.2.13, From Builder 1.1

Reported by Tim Buckingham in
*https://github.com/bigtreecms/BigTree-CMS/issues/265
<https://github.com/bigtreecms/BigTree-CMS/issues/265>*

Fixed in:
https://github.com/Fastspot/bigtree-form-builder/commit/06fde0cc67ff121b212715031e12574f50970fcd

Thanks & Regards

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ