oss-sec mailing list archives
CVE request: contao before 2.11.4 sql injection
From: Hanno Böck <hanno () hboeck de>
Date: Fri, 31 Aug 2012 12:21:05 +0200
bug tracker info: https://github.com/contao/core/issues/4427 Upstream changelog: http://contao.org/en/changelog/versions/2.11.html "Fixed a critical privilege escalation vulnerability which allowed regular users to make themselves administrators (thanks to Fabian Mihailowitsch) (see #4427)." I think this has no CVE yet, please assign CVE. -- Hanno Böck mail/jabber: hanno () hboeck de GPG: BBB51E42 http://www.hboeck.de/
Attachment:
signature.asc
Description:
Current thread:
- CVE request: contao before 2.11.4 sql injection Hanno Böck (Aug 31)
- Re: CVE request: contao before 2.11.4 sql injection Kurt Seifried (Aug 31)