Date: Sat, 14 Mar 2015 11:22:04 +0100 From: Damien Regad <dregad@...tisbt.org> To: oss-security@...ts.openwall.com Subject: Re: CVE-2014-6316: URL redirection issue in MantisBT On 2014-12-05 23:35, P Richards wrote: > "Paul Richards also found another redirection issue in permalink_page.php, > which turned out to have the same root cause." > > And nik-picking here, but the issue that I identified in permalink_page.php > I believe was a cross site scripting issue and not a URL redirection > vulnerability so should probably be allocated a separate CVE > identifier? For the record, you reported it to me as a redirection, in the PDF document you sent by e-mail. Anyway, since I came upon this following up on another user's report for the same issue, I'm setting things straight now with a CVE request for the XSS: http://thread.gmane.org/gmane.comp.security.oss.general/16119
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.