oss-sec mailing list archives

CVE Request: ikiwiki: cross-site scripting via openid_identifier

From: Salvatore Bonaccorso <carnil () debian org>
Date: Mon, 30 Mar 2015 06:58:01 +0200

Hi

A cross-site scripting vulnerability via openid_identifier was
reported in the Debian BTS at [1]. Upstream fix is at [2]. Could a CVE
be assigned to this issue?

 [1] https://bugs.debian.org/781483
 [2] http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=18dfba868fe2fb9c64706b2123eb0b3a3ce66a77

Regards,
Salvatore

Current thread:

CVE Request: ikiwiki: cross-site scripting via openid_identifier Salvatore Bonaccorso (Mar 29)
- Re: CVE Request: ikiwiki: cross-site scripting via openid_identifier cve-assign (Mar 30)
- <Possible follow-ups>
- CVE Request: ikiwiki: cross-site scripting via openid_identifier Vasyl Kaigorodov (Mar 30)
  - Re: CVE Request: ikiwiki: cross-site scripting via openid_identifier Simon McVittie (Mar 30)