oss-sec mailing list archives
Duplicated CVE - Cacti XSS
From: Adan Alvarez <adan.alvarez.90 () gmail com>
Date: Thu, 24 Jul 2014 20:59:19 +0200
Hello, I requested a CVE to mitre three days ago because of the security bug I found: http://bugs.cacti.net/view.php?id=2456 CVE-2014-5043. Unfortunately, there are currently two CVE assigned to this security issue: CVE-2014-5025 and CVE-2014-5026. So I don't know what should I do. On the other hand, I just discovered another XSS vulnerability that is not solved by the current patch. Here you have the details to reproduce it: Create a new user or edit an existing one with the following Full Name: [XSS] Then go to System Utilities - View User Log, and if the user has logged in you will see a popup with the text "XSS". Maybe the CVE-2014-5043 can by used to identify this last discovery. Regards, Adan
Current thread:
- Duplicated CVE - Cacti XSS Adan Alvarez (Jul 24)
- Re: Duplicated CVE - Cacti XSS cve-assign (Jul 24)
- Re: Duplicated CVE - Cacti XSS Adan Alvarez (Jul 24)
- Re: Duplicated CVE - Cacti XSS cve-assign (Jul 24)