oss-sec mailing list archives
Re: CVE request: mantis before 1.2.3 (XSS)
From: Josh Bressers <bressers () redhat com>
Date: Thu, 16 Sep 2010 16:10:27 -0400 (EDT)
----- "Kurt Seifried" <kurt () seifried org> wrote:
These four have no CVE #: - 0012231: [security] XSS vulnerability when uninstalling maliciously named plugins (dhx) - resolved. - 0012232: [security] Multiple XSS issues with custom field enumeration values (dhx) - resolved. - 0012234: [security] XSS issues when using custom field String values (dhx) - resolved. - 0012238: [security] XSS in print_all_bug_page_word.php when printing project and category names (dhx) - resolved.
I'm assigning one ID to all four of these. If someone thinks they should be split, let me know. Use CVE-2010-3303 Thanks. -- JB
Current thread:
- CVE request: mantis before 1.2.3 (XSS) Hanno Böck (Sep 14)
- Re: CVE request: mantis before 1.2.3 (XSS) Hanno Böck (Sep 14)
- Re: CVE request: mantis before 1.2.3 (XSS) Kurt Seifried (Sep 14)
- Re: CVE request: mantis before 1.2.3 (XSS) Josh Bressers (Sep 16)
- Re: CVE request: mantis before 1.2.3 (XSS) Kurt Seifried (Sep 14)
- Re: CVE request: mantis before 1.2.3 (XSS) Kurt Seifried (Sep 14)
- Re: CVE request: mantis before 1.2.3 (XSS) Hanno Böck (Sep 14)