oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: ikiwiki: cross-site scripting via openid_identifier

From: Simon McVittie <smcv () debian org>
Date: Mon, 30 Mar 2015 19:02:08 +0100
On 30/03/15 13:40, Vasyl Kaigorodov wrote:

Cross-site scripting flaw in the handling of the openid_identifier
parameterhas been fixed in ikiwiki:

http://source.ikiwiki.branchable.com/?p=source.git;a=commit;h=18dfba868fe2fb9c64706b2123eb0b3a3ce66a77

References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781483
https://bugzilla.redhat.com/show_bug.cgi?id=1207210

Can we have a CVE assigned to this please?


Please note that Salvatore Bonaccorso already requested a CVE ID for
ikiwiki Debian bug 781483; this request covers the same issue.

    S
Previous By Date Next
Previous By Thread Next

Current thread: