oss-sec mailing list archives
Request 2 CVE-IDs for Zeus Voting System
From: DaKnOb <daknob.mac () gmail com>
Date: Wed, 13 May 2015 19:09:49 +0300
Zeus (https://github.com/grnet/zeus) is a fork of Helios that is actively developed by GRNET (http://www.grnet.gr/) and is considered to be used in Greek Elections (starts with small and rolls out to larger elections). Two XSS vulnerabilities that allow JavaScript Execution have been found, one of which has a PoC running JavaScript / Modifying HTML in the voter’s browser during the voting process. XSS #1 - https://github.com/grnet/zeus/issues/28 XSS #2 - https://github.com/grnet/zeus/issues/29 Thank you, Antonios A. Chariton
Current thread:
- Request 2 CVE-IDs for Zeus Voting System DaKnOb (May 13)
- Message not available
- Re: Request 2 CVE-IDs for Zeus Voting System DaKnOb (May 14)
- Message not available
- Re: Request 2 CVE-IDs for Zeus Voting System DaKnOb (May 14)