'Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)
From:       Josh Bressers <bressers () redhat ! com>
Date:       2010-09-16 20:10:27
Message-ID: 1878625536.256431284667827677.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

----- "Kurt Seifried" <kurt@seifried.org> wrote:

> 
> These four have no CVE #:
> - 0012231: [security] XSS vulnerability when uninstalling maliciously
> named plugins (dhx) - resolved.
> - 0012232: [security] Multiple XSS issues with custom field
> enumeration values (dhx) - resolved.
> - 0012234: [security] XSS issues when using custom field String
> values
> (dhx) - resolved.
> - 0012238: [security] XSS in print_all_bug_page_word.php when
> printing
> project and category names (dhx) - resolved.
> 

I'm assigning one ID to all four of these. If someone thinks they should be
split, let me know.

Use CVE-2010-3303

Thanks.

-- 
    JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic