oss-sec mailing list archives
CVE request: XSS in MODX Revolution before 2.2.11
From: Hanno Böck <hanno () hboeck de>
Date: Mon, 24 Feb 2014 12:52:51 +0100
Hi, Can I get a CVE for this issue? MODX Revolution 2.2.11 release announcement: http://modx.com/blog/2014/01/21/revolution-2.2.11%E2%80%94security-fixes-and-prevent-change-loss/ says "Prevent XSS on actionVar in header.tpl in the Manager" This is the git commit: https://github.com/modxcms/revolution/commit/77463eb6a8090f474b04fdc1b72225cb93c558ea I haven't found any other public sources / advisories for the XSS, so I assume it was detected by the MODX devs themselves. cu, -- Hanno Böck http://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
signature.asc
Description:
Current thread:
- CVE request: XSS in MODX Revolution before 2.2.11 Hanno Böck (Feb 24)
- Re: CVE request: XSS in MODX Revolution before 2.2.11 cve-assign (Feb 24)