oss-sec mailing list archives

CVE request: serendipity before 1.7.3 XSS

From: Hanno Böck <hanno () hboeck de>
Date: Sun, 1 Sep 2013 07:01:55 +0200

Serendipity blog software contains an XSS in the shipped
htmlarea-code for spell checking.

Vulnerability report:
http://osvdb.org/87395
Upstream confirmation:
http://blog.s9y.org/archives/250-Serendipity-1.7.3-released.html
Git commit:
https://github.com/s9y/Serendipity/commit/d7dbe7757371c7f25a39463d1b924604785ae475

Please assign CVE.

cu,
-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

Attachment: signature.asc
Description:

Current thread:

CVE request: serendipity before 1.7.3 XSS Hanno Böck (Aug 31)
- Re: CVE request: serendipity before 1.7.3 XSS cve-assign (Sep 01)