Date: Wed, 22 Jun 2016 10:09:55 -0500 From: John Lightsey <john@...nuts.net> To: oss-security <oss-security@...ts.openwall.com> Subject: CVE request: SQL injection in MovableType xml-rpc interface Hi there, SixApart just released new versions of MovableType 6.2 and 6.1 to fix an SQL injection in the xml-rpc interface. The vulnerability also affects the older GPLv2 licensed MovableType 5.2.13. Could you please assign a CVE identifier for tracking this issue? https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.