oss-sec mailing list archives
Re: CVE request: XSS flaw fixed in dokuwiki 2014-09-29b
From: Martin Prpic <mprpic () redhat com>
Date: Mon, 15 Dec 2014 17:10:23 +0100
Martin Prpic writes:
Hi, can a CVE please be assigned to the following issue: Release 2014-09-29b "Hrun": Security Hotfix 2014-09-29b: prevents XSS attack via SWF uploads I'm assuming this was fixed via: https://github.com/splitbrain/dokuwiki/commit/778ddf6f2cd9ed38b9db2d73e823b8c21243a960 Thank you!
Apparently this already has a CVE assigned: CVE-2014-9253 Here is an advisory from the original reporter: http://security.szurek.pl/dokuwiki-20140929a-xss.html Thanks, -- Martin Prpič / Red Hat Product Security
Current thread:
- CVE request: XSS flaw fixed in dokuwiki 2014-09-29b Martin Prpic (Dec 15)
- Re: CVE request: XSS flaw fixed in dokuwiki 2014-09-29b Martin Prpic (Dec 15)