Date: Tue, 6 Jan 2015 21:45:13 +0100 From: Francisco Alonso <rs@...skills.cz> To: oss-security@...ts.openwall.com Subject: CVE request: Reflected XSS / Content Spoofing in FlexPaper Hello, Can a CVE please be assigned to the following issue: FlexPaper Flash viewer Reflected XSS and Content Spoofing via Swfile parameter in FlexPaperViewer.swf file. Fixed via FlexPaper 2.3.1 Release. References: http://blog.flexpaper.org/post/105984224083/flexpaper-2-3-1-release-notes https://code.google.com/p/flexpaper/ http://www.theregister.co.uk/2014/12/23/wikileaks_pdf_viewer_vuln/ http://www.pcworld.com/article/2862812/flaw-in-opensource-pdf-viewer-could-put-wikileaks-users-others-at-risk.html Thanks,
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.