Full Disclosure mailing list archives
Re: Stored XSS in Google Analytics by Yoast Premium allows privileged users to attack other users (WordPress plugin)
From: dxw Security <security () dxw com>
Date: Wed, 12 Aug 2015 12:27:09 +0100
Ah yes - sorry about that. Should indeed be 2015-08-10 I’ve corrected in our published advisory: https://security.dxw.com/advisories/xss-in-google-analytics-by-yoast-premium-by-privileged-users/ <https://security.dxw.com/advisories/xss-in-google-analytics-by-yoast-premium-by-privileged-users/> Thanks for letting me know --- Duncan Stuart (@dgmstuart) Head of Products, dxw Exemplary web projects for the public sector http://dxw.com/ 07866 936 959 0345 257 7520 skype: dxwduncan
On 12 Aug 2015, at 08:08, Christ van Willegen <cvwillegen () gmail com> wrote: Hi all, On Mon, Aug 10, 2015 at 2:16 PM, dxw Security <security () dxw com> wrote:Timeline ================ 2015-07-21: Discovered 2015-07-22: Reported to vendor via email 2015-07-22: Requested CVE 2015-07-10: Vendor confirmed fixed in version 5.4.5 2015-07-10: PublishedAfter the fact, of course, but I guess 2015-08-10 for 'vendor confirmed' and 'published'? Christ van Willegen -- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Stored XSS in Google Analytics by Yoast Premium allows privileged users to attack other users (WordPress plugin) dxw Security (Aug 11)
- Message not available
- Re: Stored XSS in Google Analytics by Yoast Premium allows privileged users to attack other users (WordPress plugin) dxw Security (Aug 12)
- Message not available