oss-sec mailing list archives

CVE Request: Multiple Vulnerabilities - XSS/Remote Code Injection in MODX

From: Karthik Rangarajan <rangarajan.karthik () gmail com>
Date: Sun, 9 Nov 2014 15:37:03 -0800

Hello,

MODX has released a security advisory for MODX Evolution <=1.0.14. The
version is affected by multiple XSS vulnerabilities as well as a
command injection vulnerability. Please find the advisory below:

http://forums.modx.com/thread/94952/multiple-vulnerabilities-xss-remote-command-injection

Can a CVE please be assigned for these vulnerabilities?

Thanks,
Karthik

-- 
Regards,
Karthik Rangarajan

Current thread:

CVE Request: Multiple Vulnerabilities - XSS/Remote Code Injection in MODX Karthik Rangarajan (Nov 09)
- Re: CVE Request: Multiple Vulnerabilities - XSS/Remote Code Injection in MODX Karthik Rangarajan (Nov 12)