oss-sec mailing list archives
CVE request for Movable Type
From: Yves-Alexis Perez <corsac () debian org>
Date: Mon, 21 Jan 2013 21:48:46 +0100
Hi, Movable Type 4.38 has been released few weeks ago, fixing a security issue in the upgrade page. More information can be found at [1] but basically it looks like missing input sanitation on the mt-upgrade.cgi page. As far as I can tell, no CVE has been allocated yet, could someone allocate one? Regards, [1]: http://www.movabletype.org/2013/01/movable_type_438_patch.html -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CVE request for Movable Type Yves-Alexis Perez (Jan 21)
- Re: CVE request for Movable Type Kurt Seifried (Jan 21)
- Re: CVE request for Movable Type cve-assign (Jan 22)
- Re: CVE request for Movable Type Kurt Seifried (Jan 21)