oss-sec mailing list archives
CVE request: zabbix persistent XSS flaw
From: Vincent Danen <vdanen () redhat com>
Date: Fri, 16 Dec 2011 15:16:02 -0700
Could a CVE be assigned to this flaw? Zabbix 1.8.10rc1 was released to correct persistant cross-site scripting vulnerabilities due to improper sanitization of the gname variable when creating user and host groups. References: http://www.zabbix.com/rn1.8.10rc1.php https://support.zabbix.com/browse/ZBX-4015 https://bugzilla.redhat.com/show_bug.cgi?id=768525 --Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE request: zabbix persistent XSS flaw Vincent Danen (Dec 16)
- Re: CVE request: zabbix persistent XSS flaw Kurt Seifried (Dec 16)