Re: XSS in NextCellent Gallery 1.9.13 WordPress plugin

["Larry W. Cashdollar" <larry0 () me com>]

On May 4, 2014, at 11:31 PM, cve-assign () mitre org wrote:

> The latter does not describe how the attack crosses privilege
> boundaries.

My apologies, I’ll update the advisory with the missing information.

> Use CVE-2014-3123.
>
> --
> CVE assignment team, MITRE CVE Numbering Authority
> M/S M300
> 202 Burlington Road, Bedford, MA 01730 USA
> [ PGP key available through http://cve.mitre.org/cve/request_id.html ]