oss-sec mailing list archives
Re: CVE-Request -- Landsknecht Adminsystems v.4.0.1 (DEV, beta version) -- Reflecting XSS, unrestricted file-upload and underlaying CSRF
From: cve-assign () mitre org
Date: Sat, 14 Feb 2015 10:29:48 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Use CVE-2015-1603 for both XSS issues. Use CVE-2015-1604 for the "upload arbitrary files" issue. The available information doesn't suggest that any of the behavior would typically be considered a separate CSRF vulnerability. There is no CVE ID for Landsknecht Adminsystems CSRF. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJU32mXAAoJEKllVAevmvmsCW8H/jyeFJ4gGAF99n0lkRoocR4x VKVXjxIHa30xj/L6385pgon4rh5SYydABYsHQR2dN+090POwo8Pi7ZDvCXVu78gG zwpPSZJpdKvusRUaRfUh66pCKsYsiw0S7D/rWf/5ICZWPRBlQbuAKyZeR3cBlD7l NxzwpuWsPo4qPoFc//+r7M7UTjm619UjTvFHdV8cv+VTXwCYwDKRY6ivFU5cemoF rL41HnMIRRzjEytfWJTRtKdFDLAf5+EtqdNlEPWPrm6kLv6BME4Xq3TGi07zbSkI Q8Uhm5+bcEYKmb7WjiPfxabMDbd0YIWhuskWIciJNOI5pyJRVAqnKBDjJIANYKE= =w6LF -----END PGP SIGNATURE-----
Current thread:
- CVE-Request -- Landsknecht Adminsystems v.4.0.1 (DEV, beta version) -- Reflecting XSS, unrestricted file-upload and underlaying CSRF Steffen Rösemann (Feb 13)
- Re: CVE-Request -- Landsknecht Adminsystems v.4.0.1 (DEV, beta version) -- Reflecting XSS, unrestricted file-upload and underlaying CSRF cve-assign (Feb 13)
- Re: CVE-Request -- Landsknecht Adminsystems v.4.0.1 (DEV, beta version) -- Reflecting XSS, unrestricted file-upload and underlaying CSRF cve-assign (Feb 14)