oss-sec mailing list archives
CVE request: serendipity before 1.6 backend XSS in karma plugin
From: Hanno Böck <hanno () hboeck de>
Date: Fri, 28 Oct 2011 10:02:25 +0200
http://blog.s9y.org/archives/233-Serendipity-1.6-released.html "Fixes a backend XSS issue in the karma plugin and media database filtering, thanks to Stefan Schurtz!" If anyone asks: Backend XSS are a security issue in multiuser webapps, one less priviliged user can use them to gain more privilege. Please assign CVE. -- Hanno Böck mail/jabber: hanno () hboeck de GPG: BBB51E42 http://www.hboeck.de/
Attachment:
signature.asc
Description:
Current thread:
- CVE request: serendipity before 1.6 backend XSS in karma plugin Hanno Böck (Oct 28)
- Re: CVE request: serendipity before 1.6 backend XSS in karma plugin Kurt Seifried (Oct 28)
- Re: CVE request: serendipity before 1.6 backend XSS in karma plugin Hanno Böck (Oct 29)
- Re: CVE request: serendipity before 1.6 backend XSS in karma plugin Kurt Seifried (Oct 29)
- Re: CVE request: serendipity before 1.6 backend XSS in karma plugin Hanno Böck (Oct 29)
- Re: CVE request: serendipity before 1.6 backend XSS in karma plugin Kurt Seifried (Oct 28)