oss-sec mailing list archives
Re: CVE request: XSS in MUC logs of ejabberd
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 17 Mar 2009 20:38:51 -0400 (EDT)
====================================================== Name: CVE-2009-0934 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0934 Reference: MLIST:[oss-security] 20090316 CVE request: XSS in MUC logs of ejabberd Reference: URL:http://www.openwall.com/lists/oss-security/2009/03/16/1 Reference: CONFIRM:http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_204 Reference: BID:34133 Reference: URL:http://www.securityfocus.com/bid/34133 Reference: SECUNIA:34340 Reference: URL:http://secunia.com/advisories/34340 Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs.
Current thread:
- CVE request: XSS in MUC logs of ejabberd Hanno Böck (Mar 16)
- Re: CVE request: XSS in MUC logs of ejabberd Steven M. Christey (Mar 17)