oss-sec mailing list archives
Re: Re: CVE Request -- Plone -- arbitrary HTML code injection in safe_html
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 22 Jun 2010 13:09:01 -0400 (EDT)
On Tue, 22 Jun 2010, Matthew Wilkes wrote:
On 2010-06-21, at 2048, Jan Lieskovsky wrote:Could you allocate a CVE id for this?I requested one from MITRE over a week ago, they've not allocated one yet.
Use CVE-2010-2422.I am inferring from the hotfixes and digging into past news announcements that the affected versions are 2.1 through 3.3.4. Please let me know if this is erroneous.
- Steve
Current thread:
- CVE Request -- Plone -- arbitrary HTML code injection in safe_html Jan Lieskovsky (Jun 21)
- Re: CVE Request -- Plone -- arbitrary HTML code injection in safe_html Matthew Wilkes (Jun 22)
- Re: Re: CVE Request -- Plone -- arbitrary HTML code injection in safe_html Steven M. Christey (Jun 22)
- Re: CVE Request -- Plone -- arbitrary HTML code injection in safe_html Matthew Wilkes (Jun 22)