|
Message-Id: <201405050334.s453Yphl000602@linus.mitre.org> Date: Sun, 4 May 2014 23:34:51 -0400 (EDT) From: cve-assign@...re.org To: kristian.fiskerstrand@...ptuouscapital.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE request: SKS non-persistent XSS -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > A non-persistent client-side cross-site scripting attack was reported > against SKS resulting from improper input sanitation before writing > to a client. The issue has been fixed in the development trunk > > https://bugzilla.mozilla.org/show_bug.cgi?id=952077 > https://bitbucket.org/skskeyserver/sks-keyserver/issue/26/unfiltered-xss > https://bitbucket.org/skskeyserver/sks-keyserver/pull-request/30/issue26-fix-a-non-persistent-cross-site Use CVE-2014-3207. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTZwaKAAoJEKllVAevmvms4fwH/jLakVp6T5bvRw390evMk9l4 0ScGy99+bMaJFa38gH9ezAmvthJQTJnKyeDr/0IQCFds1+gulKx90P1+xIwVBxdl H07s+B/4/+2rDGVZuytzCerm4qkkh/pq/nZJ+OM53bZL1FMHxuHtyrU1Yhrg8ueS Wx+pFmSRjFkI+dNuElaqcMMgL8mBx5CiWM2cvw0vKSYcWYfhLxHS7880aDGdRpXi upqyBEGkkW6FZAaSDMlNOfMn12Xfd7NzUt1eVLxc2SorQwyi37Bl5ARqfZjuDRfS 5OFuJbA55EWCl8fU275ag8WDB2CXJliCabrmLiwAyCdALNbRd6z9yUfTevNb+TM= =bTUM -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.