oss-sec mailing list archives
CVE request: silverstripe before 2.4.4
From: Hanno Böck <hanno () hboeck de>
Date: Tue, 4 Jan 2011 00:50:19 +0100
http://www.silverstripe.org/security-releases/ Silverstripe 2.4.4 notes: SQL information disclosure, SQL injection in Translatable extension, Cross Site Request Forgery in various CMS interfaces, XSS in controller action handling (if someone is motivated one could also assign CVEs to all the old version issues) -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno () hboeck de http://schokokeks.org - professional webhosting
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE request: silverstripe before 2.4.4 Hanno Böck (Jan 03)
- Re: CVE request: silverstripe before 2.4.4 Josh Bressers (Jan 04)