oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2012-1597: XSS in eZ Publish

From: Luc ABRIC <luc.abric () oppida fr>
Date: Fri, 11 May 2012 09:31:04 +0000
Hi everyone,

eZ Publish just released details and fix for this XSS vulnerability that Yann MICHARD discovered a few months ago:
http://share.ez.no/community-project/security-advisories/ezsa-2012-006-xss-exploit-on-ezjscore-run-command-when-using-firefox
The advisory provides details about the fix itself.

Please update the CVE-2012-1597 details with those informations.

Regards,
Luc ABRIC
IT Security Expert

6 avenue du Vieil Etang - Bâtiment B
78180 Montigny-le-Bretonneux
Phone: +33 (0)1 30 14 19 00
Fax:       +33 (0)1 30 14 19 09
Mobile: +33 (0)6 26 87 62 14
luc.abric () oppida fr

www.oppida.fr
Previous By Date Next
Previous By Thread Next

Current thread: