oss-security - Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Mon, 19 Dec 2011 10:37:31 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Henri Salo <henri@...v.fi>
Subject: Re: CVE-request: WordPress advanced-text-widget XSS
 advancedtext.php?page=

On 12/18/2011 02:45 AM, Henri Salo wrote:
> Can I get CVE-identifier for this issue?
>
> Original report: http://seclists.org/bugtraq/2011/Nov/133
> Vendor report: http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities
> Fixed in 2.0.2
> Vulnerable versions: 2.0.1 and all below
> One example: advancedtext.php?page=
>
> http://wordpress.org/extend/plugins/advanced-text-widget/changelog/
> ------------------------------------------------------------------------
> r466102 | maxchirkov | 2011-11-22 19:32:02 +0200 (Tue, 22 Nov 2011) | 2 lines
>
> Committing version 2.0.2
> - Updated all instances of $_GET method with esc_attr() to improve security.
> ------------------------------------------------------------------------
>
> - Henri Salo
Please use CVE-2011-4618 for this issue.

-- 

-Kurt Seifried / Red Hat Security Response Team

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.