[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015)
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2012-07-27 8:12:52
Message-ID: 50124D84.8080005 () redhat ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/24/2012 01:26 AM, Henri Salo wrote:
> Hello,
> 
> Can we assign 2012 CVE-identifier for XSS vulnerability in
> WordPress plugin Count Per Day, thanks.
> 
> Original advisory:
> http://www.darksecurity.de/advisories/2012/SSCHADV2012-015.txt 
> OSVDB: http://osvdb.org/show/osvdb/83491 Secunia advisory:
> http://secunia.com/advisories/49692/ Vendor page:
> http://www.tomsdimension.de/wp-plugins/count-per-day SCM:
> http://plugins.trac.wordpress.org/changeset/571926/count-per-day#file22
>
>  Fixed in version 3.2 of the plugin, which I manually verified.
> 
> - Henri Salo
> 

Sorry forgot to about this one. Please use CVE-2012-3434 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQEk2EAAoJEBYNRVNeJnmTlyUP/ivkklXhU+nObX/T80m9ujIF
JJcoejmbkl8kVsBhezT0wm8vKKKJpgHAvI/7M/IrEBw2OAXjQETWCkxWqOAGvgyG
zFXsFSFPpVYyOtrfTdF4PIE+6rw54rT/n0FOSwZa3MyrDEFRydzreUzpovDm32b3
xeAuXu0wixgxCr4p6RmuKbeFIoInIJhwBKf2NgcUP1DumjIGru0yryLwg7kI+FaK
wTlgHNEuCiWN5tPvHd5EmVMi9KPTDiRFpaylSUvu28O6aaV4FPtlSd7TVseuyEz2
Fkv0R/kUgimmoBtfN0K79nTgkLTZ79ETGQWC7uwH6lQLCd3wYRbUdn6XvLiE3+r0
euEoeWVitEec0RnZns/xpULuXZvL0tbwBdCyQ1ipbmeY3fVyYrSE84hgb3SOddbi
MEBZODZgsiK5UUL6d3mxRPHYwTHxs6ZJyd1AHbXAZjX0smJ7+t0e/Lfd1JiDZaqP
IzDeRZDSXwjzhBfIEMfzK+fjbCSa5lZA0Ufc7dRzvjzz0uAWobOLWEOexvYpMjZZ
vetfsKz0PDbg/9gajz2SsTMQk47MS3w882igYzkIq/pDgHiJQkKh/Rl/8bglfNpn
HwNnlcl3XYzuGMrHAb2zSKhe11TPprMe+OK0+dNwprZx6lEqnDbLgM+8tHYevThp
Oe9yvBL8mx/xKX3PhTj8
=cUhC
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic