oss-sec mailing list archives

Re: Requesting CVEs issued for two XSS vulnerabilities in Djblets (a set of Django helpers)


From: cve-assign () mitre org
Date: Fri, 6 Jun 2014 23:04:00 -0400 (EDT)

Djblets json_dumps ... User can change their display name to [an XSS
                       sequence]
https://code.google.com/p/reviewboard/issues/detail?id=3406
(the discoverer name begins with "uchida")

Use CVE-2014-3994.


Djblets gravatar templates ... User can change their display name to
                               [an XSS sequence]
discoverer = Christian Hammond of Bean Bag, Inc. (author of Review Board)

Use CVE-2014-3995.


(There are two CVE IDs because of the two discoverers.)

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]