Date: Sat, 17 Jan 2015 12:15:41 +0100 From: Francisco Alonso <rs@...skills.cz> To: oss-security@...ts.openwall.com Subject: Re: CVE request: Reflected XSS / Content Spoofing in FlexPaper Hi, Any update about this? On Tue, Jan 6, 2015 at 9:45 PM, Francisco Alonso <rs@...skills.cz> wrote: > Hello, > > Can a CVE please be assigned to the following issue: > > FlexPaper Flash viewer Reflected XSS and Content Spoofing via Swfile > parameter in FlexPaperViewer.swf file. > > Fixed via FlexPaper 2.3.1 Release. > > References: > http://blog.flexpaper.org/post/105984224083/flexpaper-2-3-1-release-notes > https://code.google.com/p/flexpaper/ > http://www.theregister.co.uk/2014/12/23/wikileaks_pdf_viewer_vuln/ > > http://www.pcworld.com/article/2862812/flaw-in-opensource-pdf-viewer-could-put-wikileaks-users-others-at-risk.html > > Thanks, > -- Francisco Alonso. http://twitter.com/revskills PGP: 0xE2E64DCA --
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.