|
Message-ID: <20160305134841.GA3099@eldamar.local> Date: Sat, 5 Mar 2016 14:48:42 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Subject: CVE Request: Dotclear: XSS vulnerability in comments managment page and media exclusion control enforcement Hi Dotclear, a web publishing software, fixed a cross-site scripting vulnerability in 2.8.2. Additionally the media exlusion control in the media manager was furhter enforced: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2 The XSS vulnerability was fixed with https://hg.dotclear.org/dotclear/rev/65e65154dadf The second mentioned issue was addressed with https://hg.dotclear.org/dotclear/rev/198580bc3d80 Could you assign CVEs for those? Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.