oss-sec mailing list archives
Re: CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 19 Oct 2012 13:01:47 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/07/2012 10:30 AM, Henri Salo wrote:
Hello, I think these two Joomla security issues does not have CVE-identifiers: http://www.joomla.org/announcements/release-news/5463-joomla-2-5-7-released.html
http://secunia.com/advisories/49678/
Versions: 2.5.6 and all earlier 2.5.x versions 1) http://developer.joomla.org/security/news/539-20120901-core-xss-vulnerability
Please
use CVE-2012-4531 for this issue.
2) http://developer.joomla.org/security/news/540-20120902-core-xss-vulnerability
http://osvdb.org/show/osvdb/83490
http://www.darksecurity.de/advisories/2012/SSCHADV2012-014.txt
Please use CVE-2012-4532 for this issue.
- Henri Salo
- -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQgaObAAoJEBYNRVNeJnmTvyMP+wT3uWTMZOvtdsexpikfNDcS zw0jzoLdaTWPYUKsa5E5roOOjmmV/WlNR8VbCAVLXb710rW57KX6Y85luZbs73oQ G5+w6GocF0heURpsPKNDZw1i4A6iy+LVGACT6BZ2djC8kXvciEl7peTOZKXEcAdJ fonjAuXJapDHreOaWzZ+1lpamSRc0/ckbmuMcAUygqqGiFn5o0pFePfoGfyW+cLl 0rAmHCh/VfJRdPgQUKmYukExUY1alkTNGFb2uO5fjUR3vXurJY/oGEge4Sk5hiWr sfpnSQ2VPGg47APMDFV+y+7ZgADfXDMhbbqIfHT+6wioZkcmJecqYakciknaHQsi /vAkg65b0uaNp6Wt/tFID6eLuIjpZU2P90KVbqr1K4aNzy9Xmsq1Kn79dmJIv3rz fI8uFmg9SjrLQMFJ8Mp3aWZbUft1KyNPbqIwXHC6lRLhxcftDcN+if8IAgDxd5Ru rDras3PMvooKDRZNCCnEOdvl+jusqevb4YYBKqdpxuBhPYk4TrDDOGz1a8fa8hG5 ez+zSPURvkDCBEmhH0+MXEVUP03HP4d6KQOaJRVlUeeFQjJOAIx39h7Dd7cSfBgU he9YIfiSRiLo3kBzXiby9RvyxEUsAk9Avz4imyxC/08uIFgGYXVjrYPZmlYCuj1y mhgSYqGdUfJVygF6KCqE =/yJ8 -----END PGP SIGNATURE-----
Current thread:
- CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7 Henri Salo (Oct 07)
- Re: CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7 Kurt Seifried (Oct 09)
- Re: CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7 Henri Salo (Oct 09)
- Re: CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7 Kurt Seifried (Oct 19)
- Re: CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7 Kurt Seifried (Oct 09)