Date: Mon, 21 Jan 2013 21:48:46 +0100 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com Cc: 697666@...s.debian.org Subject: CVE request for Movable Type Hi, Movable Type 4.38 has been released few weeks ago, fixing a security issue in the upgrade page. More information can be found at  but basically it looks like missing input sanitation on the mt-upgrade.cgi page. As far as I can tell, no CVE has been allocated yet, could someone allocate one? Regards, : http://www.movabletype.org/2013/01/movable_type_438_patch.html -- Yves-Alexis Download attachment "signature.asc" of type "application/pgp-signature" (491 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.