oss-sec mailing list archives

Re: XSS via EXIF tag in Serendipity blog

From: Henri Salo <henri () nerv fi>
Date: Fri, 10 May 2019 11:37:54 +0300

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Fri, May 03, 2019 at 05:42:18PM +0200, Hanno Böck wrote:

https://github.com/s9y/Serendipity/issues/598
https://blog.s9y.org/archives/282-Serendipity-2.1.5-released.html


MITRE assigned CVE-2019-11870 for this issue.

- -- 
Henri Salo
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE/aVSDznAZReWTkxKJ633pE6qdXQFAlzVOGIACgkQJ633pE6q
dXT6lhAArWXR0Lp36yH57N6sgGLLF+gQavAOK+DfGjpOIkGsr9stlFzdfSD5HvSM
EASX//8sMenVEXNblPiwbhhJK8cQRnjk/cbIyEACSXngGxU9L4oTAOFCM5PM35On
Yy7rHqUxLeRhNHviAmSPq0D/n4Kwavc8GQBir4O4nYkwzkhoGTS9FCOyQvzFWGir
0cv1hpYxvsLigw02g9qnCspnCrKty7FJoawUJ9G5RhYSJkwzEZYNhAAIKWl+Epb/
xnJXQ5qBuU2KtWpF/Hp5O49GSF1Qd+/Ufdu43jSjbUPKXdD+SbnNRZJXgytj5Nvy
w4BnHprzBRBHor+jlM8gDBUHfJsN6qdU8b1EyfTYHV/WzDZzXAEOViwuheTp5+b7
8kb60uvklRfnwhnoQgz7AowcG9+qIruvDPFvXFRRMsSJh/xGHRkNLvLhngEDdzX5
fVbLkVWmMCuQT6HXQOxCjC4gU59tIa2m1Y75sIT2ZbGcI2XKf/K2mTEcZAIBhV+a
46Qh7/zakZId4w1q+tjkK8dETIBiVLmjsvg1AZWWnTKt2gL28u1ZXyWLJZzmBEHT
3szdmlwbh4p/nvR4qqcY7tn6jy+FAs+gDmacaI/iMVaAb0+/vjOu0EdfORY+h/MJ
9roi5AgpVCrsxxF6DhFPUp9n0ZVO5E5lJlGJv/6HPRowNO+FIq4=
=q1XV
-----END PGP SIGNATURE-----

Current thread:

XSS via EXIF tag in Serendipity blog Hanno Böck (May 03)
- Re: XSS via EXIF tag in Serendipity blog Henri Salo (May 10)