Date: Wed, 12 Nov 2014 14:29:07 -0800 From: Karthik Rangarajan <rangarajan.karthik@...il.com> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Re: CVE Request: Multiple Vulnerabilities - XSS/Remote Code Injection in MODX Bump - can a CVE be assigned to the remote code execution vulnerability as well as the multiple XSS vulnerabilities in MODX? On Sun, Nov 9, 2014 at 3:37 PM, Karthik Rangarajan <rangarajan.karthik@...il.com> wrote: > Hello, > > MODX has released a security advisory for MODX Evolution <=1.0.14. The > version is affected by multiple XSS vulnerabilities as well as a > command injection vulnerability. Please find the advisory below: > > http://forums.modx.com/thread/94952/multiple-vulnerabilities-xss-remote-command-injection > > Can a CVE please be assigned for these vulnerabilities? > > Thanks, > Karthik > > -- > Regards, > Karthik Rangarajan -- Regards, Karthik Rangarajan MS, Information Security Twitter: @krangarajan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.