Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 12 Nov 2014 14:29:07 -0800
From: Karthik Rangarajan <rangarajan.karthik@...il.com>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: Re: CVE Request: Multiple Vulnerabilities - XSS/Remote Code Injection
 in MODX

Bump - can a CVE be assigned to the remote code execution
vulnerability as well as the multiple XSS vulnerabilities in MODX?

On Sun, Nov 9, 2014 at 3:37 PM, Karthik Rangarajan
<rangarajan.karthik@...il.com> wrote:
> Hello,
>
> MODX has released a security advisory for MODX Evolution <=1.0.14. The
> version is affected by multiple XSS vulnerabilities as well as a
> command injection vulnerability. Please find the advisory below:
>
> http://forums.modx.com/thread/94952/multiple-vulnerabilities-xss-remote-command-injection
>
> Can a CVE please be assigned for these vulnerabilities?
>
> Thanks,
> Karthik
>
> --
> Regards,
> Karthik Rangarajan



-- 
Regards,
Karthik Rangarajan
MS, Information Security

Twitter: @krangarajan

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.