oss-sec mailing list archives
CVE Request: Post Revolution multiple security vulnerabilities
From: Javier Bassi <javierbassi () gmail com>
Date: Tue, 24 May 2011 21:55:13 -0300
Hi, I need a CVE for Post Revolution 0.8c multiple security vulnerabilities. (Post Revolution is a CMS similar to Wordpress released under GPLv2) The vulnerabilities are: 1. A Denial of service vulnerability. 2. Cross-site scripting vulnerabilities. 3. Cross-site request forgery vulnerabilities. Vendor has publicly confirmed the existence of the vulnerabilities: http://translate.google.com/translate?u=http%3A%2F%2Fpostrev.com.ar%2F&sl=es&tl=en&hl=&ie=UTF-8 I will wait for vendor to fully patch these issues before full-disclosure (probably by Friday)
Current thread:
- CVE Request: Post Revolution multiple security vulnerabilities Javier Bassi (May 24)
- Re: CVE Request: Post Revolution multiple security vulnerabilities Josh Bressers (May 31)