oss-sec mailing list archives
Re: Fwd: XSS vulnerability in Joomla 1.6.3 - CVE-2011-2710 / CVE-2011-2708 issue
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 21 Nov 2011 14:46:53 -0700
CVE-2011-2708 and CVE-2011-2710 are both about 20110701 XSS vulnerability: http://developer.joomla.org/security/news/357-20110701-xss-vulnerability.html and I have already contacted MITRE twice to get another one marked as obsolete. Best regards, Henri Salo
Ok CVE-2011-2710 is public in CVE and NVD: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2710, and CVE-2011-2708 is still marked as reserved so we should probably quietly take CVE-2011-2708 out back and shoot it. CC'ing mitre. -- -Kurt Seifried / Red Hat Security Response Team
Current thread:
- Fwd: XSS vulnerability in Joomla 1.6.3 Henri Salo (Nov 21)
- Re: Fwd: XSS vulnerability in Joomla 1.6.3 Kurt Seifried (Nov 21)
- Re: Fwd: XSS vulnerability in Joomla 1.6.3 Henri Salo (Nov 21)
- Re: Fwd: XSS vulnerability in Joomla 1.6.3 - CVE-2011-2710 / CVE-2011-2708 issue Kurt Seifried (Nov 21)
- Re: Fwd: XSS vulnerability in Joomla 1.6.3 - CVE-2011-2710 / CVE-2011-2708 issue Steven M. Christey (Nov 22)
- Typo in description of CVE-2011-2708 and CVE-2011-4331? [was: Re: [oss-security] Fwd: XSS vulnerability in Joomla 1.6.3 - CVE-2011-2710 / CVE-2011-2708 issue] Jan Lieskovsky (Nov 23)
- Re: Fwd: XSS vulnerability in Joomla 1.6.3 Henri Salo (Nov 21)
- Re: Fwd: XSS vulnerability in Joomla 1.6.3 Kurt Seifried (Nov 21)
- Re: Fwd: XSS vulnerability in Joomla 1.6.3 Kurt Seifried (Nov 21)