Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Multiple Reflected Cross-site Scripting Vulnerabilities in Coppermine 1.5.46

From: Henri Salo <henri () nerv fi>
Date: Sat, 26 Jan 2019 13:16:45 +0200
On Wed, Jan 23, 2019 at 01:10:08PM +0100, Daniel Bishtawi wrote:

We are glad to inform you about the vulnerabilities we reported in
Coppermine 1.5.46.

Status: Fixed
CVE-ID: 2018-14478
https://www.netsparker.com/web-applications-advisories/ns-18-050-cross-site-scripting-in-coppermine/


Fixed in 1.5.48. Vendor advisory: http://forum.coppermine-gallery.net/index.php/topic,79577.0.html

You might want to repeat your security testing on modified parts of the
application.

-- 
Henri Salo

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: