oss-sec mailing list archives

CVE request: lxr

From: Raphael Geissert <geissert () debian org>
Date: Mon, 03 May 2010 01:24:37 -0500

Hi,

While working on an update for lxr the following commit by upstream that 
fixes an XSS vulnerability in the search page was found:

Fix XSS exploit in title string

http://lxr.cvs.sourceforge.net/viewvc/lxr/lxr/lib/LXR/Common.pm?r1=1.63&r2=1.64

It does not seem to be covered by CVE-2009-4497.

Please assign an id. Thanks in advance.

Kind regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

Current thread:

CVE request: lxr Raphael Geissert (May 02)
- Re: CVE request: lxr Dan Rosenberg (May 03)
  - Re: CVE request: lxr Henri Salo (May 03)
    - Re: CVE request: lxr Josh Bressers (May 03)
    - Re: CVE request: lxr Henri Salo (May 03)
    - Re: CVE request: lxr Dan Rosenberg (May 03)
    - Re: CVE request: lxr Steven M. Christey (May 06)
    - Re: CVE request: lxr Dan Rosenberg (May 06)
    - Re: CVE request: lxr Josh Bressers (May 14)
    - Re: CVE request: lxr Dan Rosenberg (May 14)
    - Re: CVE request: lxr Josh Bressers (May 14)

(Thread continues...)