oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2015-6584: XSS in DataTables

From: Martin Prpic <mprpic () redhat com>
Date: Tue, 15 Sep 2015 12:57:05 +0200
Hi,

CVE-2015-6584 was assigned to a cross-site scripting flaw in DataTables:

https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6584

Any pointers on which commit fixes this issue? The advisory linked above
only mentions it was fixed in 1.10.9, but the changelog for that version
does not mention the CVE, or any change that looks like XSS for that
matter.

https://cdn.datatables.net/1.10.9/
https://github.com/DataTables/DataTables/commits/master

Thanks!

-- 
Martin Prpič / Red Hat Product Security
Previous By Date Next
Previous By Thread Next

Current thread: