oss-sec mailing list archives
Re: CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion
From: Josh Bressers <bressers () redhat com>
Date: Mon, 22 Nov 2010 11:16:45 -0500 (EST)
----- "Hanno Böck" <hanno () hboeck de> wrote:
See: http://packetstormsecurity.org/files/view/94257/tikiwiki52-lfi.txt http://packetstormsecurity.org/files/view/94256/tikiwiki52-xsrf.txt http://packetstormsecurity.org/files/view/94255/tikiwiki52-xss.txt All fixed in 5.3 and 3.8: http://info.tiki.org/article113-Tiki-Wiki-CMS-Groupware-Releases-5-3-and-3-8-LTS-Security-Patches
Sorry for the delay. CVE-2010-4239 tikiwiki local file inclusion CVE-2010-4240 tikiwiki xss CVE-2010-4241 tikiwiki csrf Thanks. -- JB
Current thread:
- CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Hanno Böck (Nov 18)
- Re: CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion Josh Bressers (Nov 22)