oss-sec mailing list archives
Re: Re: CVE-request: XSS in Webmin 1.540
From: Josh Bressers <bressers () redhat com>
Date: Mon, 13 Jun 2011 14:56:03 -0400 (EDT)
----- Original Message -----
On 13/Jun/2011 06:40 Henri Salo <henri () nerv fi> wrote ..Hi, I would like to receive CVE-identifier for this issue in Webmin. References: http://seclists.org/fulldisclosure/2011/Apr/393 Javier Bassi told me that the Bugtraq ID is 47558. Couldn't find this from OSVDB. Fixed in commit: https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881 which is included to Webmin 1.550 release. Should be 2011 identifier.There is no CVE for this - the original submitter Javier had trouble obtaining one. Actually, I have no idea where CVEs come from either!
A CVE id was assigned here: http://seclists.org/oss-sec/2011/q2/478 As for getting an ID in the future, your best bet is to mail me directly with your request. MITRE is generally swamped with requests, where I don't service near the volume they do. If you have any questions, I'd be happy to answer them. Thanks. -- JB
Current thread:
- CVE-request: XSS in Webmin 1.540 Henri Salo (Jun 13)
- Re: CVE-request: XSS in Webmin 1.540 Javier Bassi (Jun 13)
- Re: CVE-request: XSS in Webmin 1.540 Jamie Cameron (Jun 13)
- Re: Re: CVE-request: XSS in Webmin 1.540 Josh Bressers (Jun 13)