Date: Thu, 24 Jul 2014 20:59:19 +0200 From: Adan Alvarez <adan.alvarez.90@...il.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Duplicated CVE - Cacti XSS Hello, I requested a CVE to mitre three days ago because of the security bug I found: http://bugs.cacti.net/view.php?id=2456 CVE-2014-5043. Unfortunately, there are currently two CVE assigned to this security issue: CVE-2014-5025 and CVE-2014-5026. So I don't know what should I do. On the other hand, I just discovered another XSS vulnerability that is not solved by the current patch. Here you have the details to reproduce it: Create a new user or edit an existing one with the following Full Name: [XSS] Then go to System Utilities - View User Log, and if the user has logged in you will see a popup with the text "XSS". Maybe the CVE-2014-5043 can by used to identify this last discovery. Regards, Adan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.