Bugtraq mailing list archives
Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Fri, 09 Jan 2009 11:09:34 +0100
Dear all, just in order to give complete information, after being contacted by the vendor (thanks !) we can confirm the following version information:
Systems affected: Plunet BusinessManager 4.1
Therefore, the vendor recommended fix is as follows:
*** FIX INFORMATION ***
Upgrade Plunet BusinessManager to the latest available version, and in any case to a version >=4.2 Our advisory has been updated to reflect this new information: http://www.securenetwork.it/ricerca/advisory/download/SN-2008-04.txt For the records, what apparently happened is that our first advisory was correctly received and immediately acted upon by the vendor, but we never received an acknowledgment and fix information afterwards for some communication mishap. Our later contact attempts did not apparently reach the appropriate person(s) inside the company. We thank the vendor for working with us on this. Best regards, Stefano Zanero
Current thread:
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting Matteo Ignaccolo (Jan 07)
- Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting Stefano Zanero (Jan 09)
- <Possible follow-ups>
- Plunet BusinessManager failure in access controls and multiple stored cross site scripting Matteo Ignaccolo (Jan 07)