Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 7 Dec 2016 11:29:30 +0800
From: haojun hou <haojunhou@...il.com>
To: oss-security@...ts.openwall.com
Cc: mr@...buckingham.com
Subject: CVE request -BigTree CMS 4.2.13 Extension Form Builder
 Multiple Cross-Site Scripting (XSS)

I reported multiple reflected cross-site scripting vulnerabilities in
BigTree CMS Extension Form Builder several days ago. Please assign CVEs if
you think they are suitable for identifiers.Thanks.

Affected version: BigTree CMS 4.2.13, From Builder 1.1

Reported by Tim Buckingham in
*https://github.com/bigtreecms/BigTree-CMS/issues/265
<https://github.com/bigtreecms/BigTree-CMS/issues/265>*

Fixed in:
https://github.com/Fastspot/bigtree-form-builder/commit/06fde0cc67ff121b212715031e12574f50970fcd

Thanks & Regards

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.