Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 30 Jun 2010 19:50:56 -0500
From: Raphael Geissert <geissert@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: moin multiple XSS

Hi,

Multiple XSS vulnerabilities have been reported in moin.

References:
http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg
http://bugs.debian.org/584809

Could a CVE be assigned?

Note that the original bug report only covered PageEditor.py, while upstream 
fixed multiple others at the same time. Not sure if you want to assign two 
different ids.

Regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.