oss-sec mailing list archives
CVE Request: Dotclear: XSS vulnerability in comments managment page and media exclusion control enforcement
From: Salvatore Bonaccorso <carnil () debian org>
Date: Sat, 5 Mar 2016 14:48:42 +0100
Hi Dotclear, a web publishing software, fixed a cross-site scripting vulnerability in 2.8.2. Additionally the media exlusion control in the media manager was furhter enforced: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2 The XSS vulnerability was fixed with https://hg.dotclear.org/dotclear/rev/65e65154dadf The second mentioned issue was addressed with https://hg.dotclear.org/dotclear/rev/198580bc3d80 Could you assign CVEs for those? Regards, Salvatore
Current thread:
- CVE Request: Dotclear: XSS vulnerability in comments managment page and media exclusion control enforcement Salvatore Bonaccorso (Mar 05)