[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE for HTML-Template-Pro 0.9506 XSS
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2011-12-19 5:05:25
Message-ID: 4EEEC615.3000700 () redhat ! com
[Download RAW message or body]
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652587
http://search.cpan.org/~viy/HTML-Template-Pro-0.9507/lib/HTML/Template/Pro.pm
diff -ru HTML-Template-Pro-0.9506/templates-Pro/test_var3.out
HTML-Template-Pro-0.9507/templates-Pro/test_var3.out
--- HTML-Template-Pro-0.9506/templates-Pro/test_var3.out 2007-05-07
04:09:54.000000000 -0600
+++ HTML-Template-Pro-0.9507/templates-Pro/test_var3.out 2011-12-09
00:41:53.000000000 -0700
@@ -8,7 +8,7 @@
\<>"; %FAhidden:
end
- \\<>\"; %FAhidden:\r\nend
+ \\<>\"; %FAhidden:\r\nend
<H1> END test_var3 </H1>
</body></html>
Please use CVE-2011-4616 for this issue.
--
-Kurt Seifried / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic