[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE request: XSS issues in Koha
From:       Chris Cormack <chris () bigballofwax ! co ! nz>
Date:       2014-12-27 3:30:05
Message-ID: CA+95qVR+P4UYrBQmEoGN_j+BTSLN5YuX7N5WsQkYDrj2JLksVg () mail ! gmail ! com
[Download RAW message or body]


Hi All

As a current release maintainer for Koha I would like to request a CVE
number for an XSS vulnerability that has been address by Koha releases
3.16.6 and 3.18.2

The bug fixed is
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13425
There is an xss vulnerability in 3.16, 3.18 and master in the opac and
intranet facets

Thank you

Chris


[prev in list] [next in list] [prev in thread] [next in thread]