oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: cmsmadesimple before 1.9.4.3 - remote database corruption

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 14 Nov 2011 09:13:00 -0700
On 11/13/2011 04:12 AM, Hanno Böck wrote:

http://www.cmsmadesimple.org/2011/08/Announcing-CMSMS-1-9-4-3---Security-Release/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+cmsmadesimple%2Fblog+%28CMS+Made+Simple%29

"Today we have released CMSMS 1.9.4.3, a minor release that fixes a
single security issue in the news module. Essentially, a malicious
person could via accessing a sincle URL corrupt your news articles."


Please use CVE-2011-4310 for this issue.

-- 

-Kurt Seifried / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: