Date: Tue, 16 Mar 2010 14:07:50 -0600 From: Vincent Danen <vdanen@...hat.com> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE Request: ViewVC 1.1.4 / 1.0.10 -- XSS via user-provided query form input * [2010-03-10 16:34:18 -0600] Reed Loden wrote: >Just received an announcement stating ViewVC 1.1.4 and 1.0.10 were >released today. Looks like they fix an XSS that needs a CVE assigned. > >"security fix: escape user-provided query form input to avoid XSS >attack" > >http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r1=2313&r2=2342&pathrev=HEAD > >Here's the patch for the XSS: >http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2326 > >* lib/viewvc.py > (view_queryform): Escape user-provided input before passing it > directly off to the templates. Can you say "XSS attack vector"? Please use CVE-2010-0736 for this issue. -- Vincent Danen / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.