oss-sec mailing list archives

Re: CVE request: XSS vulns in Dotclear v2.9.1

From: cve-assign () mitre org
Date: Tue, 2 Aug 2016 19:50:00 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I found some XSS vulns in Dotclear v2.9.1

There are two reflected XSS vulns in Dotclear v2.9.1 media manager

/admin/media.php
line 34 $link_type = !empty($_REQUEST['link_type']) ? $_REQUEST['link_type'] : null;
line 62 $q = isset($_REQUEST['q']) ? $_REQUEST['q'] : null;

/dotclear/admin/media.php?q=[XSS]
/dotclear/admin/media.php?link_type=[XSS]

Fix Code:
https://hg.dotclear.org/dotclear/rev/40d0207e520d


Use CVE-2016-6523 for both of these issues.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXoS7KAAoJEHb/MwWLVhi2FuoP/2KQzJImOr3YJbBtmeneygL+
0I3PRHXCV9rEgnDG5zJKf7ErqWZuC+9NB+yrUc+rHFsaFeCKNobVx+GU/aBN+rUU
nOKLTdsEU1y2y9GT4PPrD5Sas68ubR858oGRB5vwQluMe/DKnQ0lJhIKJ69o3OdK
yoRYoGDvytmsgJLXheq2AZGEvIliyqliIhZhyoFLKtrqzGONE4OscJM9QP1WbJSQ
W7id+L+pBDWw3aKc5RpnKM6jI4olmREJ7pf34qJzmaGqZIQF7dijSlQ9RlRXfulk
rHsK7R6kn7QbzxYKv5gpQyLlGeGbFI9UKgOqDgz41rXsjRh1Yk3WnJqwqIQ5jek7
YnJPj45zbcpG6KxYa0UVpqUDHC7MwHZVR4RI1d0o295esApCyI6ExxhXygaEmksR
HoJCpVwQPMhnqG5VOZgQ2JegFOMiWBonan0a434QyXq1j5Gv0iKCiusg6B5Mxwi1
Kq8lmIduOUEhvUSNmsoq/MsrdtT0rZ91jN9b8IPKdgAMBS4ecWe9ShE7arLJbERo
V8v3CuT4s7vEKPnGXPiRGISza7pqEKJ1YTHxPAELH4TQ2o2121eQvcC3qyI9KkyF
WLlqJ9KTHnU9itqTy/vcrN9/vHWQgGqG2GHGJlXNwXCj0KEuLAdLP7hx9Eupfq9w
6cOz5yeoD/nf1pC1FkH/
=wolV
-----END PGP SIGNATURE-----

Current thread:

CVE request: XSS vulns in Dotclear v2.9.1 陈瑞琦 (Aug 01)
- Re: CVE request: XSS vulns in Dotclear v2.9.1 cve-assign (Aug 02)