oss-sec mailing list archives
Jara 1.6 SQL injection and XSS
From: Henri Salo <henri () nerv fi>
Date: Sun, 30 Oct 2011 12:48:57 +0200
Can I get CVE-identifiers for these issues: SQL injection: http://seclists.org/fulldisclosure/2011/Oct/767 (http://seclists.org/bugtraq/2011/Oct/201) Bug report to vendor: https://sourceforge.net/tracker/?func=detail&aid=3428075&group_id=294500&atid=1243901 XSS: http://packetstormsecurity.org/files/106114/jara-sql.txt Bug report to vendor: https://sourceforge.net/tracker/?func=detail&aid=3430384&group_id=294500&atid=1243901 No vendor reply. No fix. Best regards, Henri Salo
Current thread:
- Jara 1.6 SQL injection and XSS Henri Salo (Oct 30)
- Re: Jara 1.6 SQL injection and XSS Kurt Seifried (Oct 31)
- Re: Jara 1.6 SQL injection and XSS Henri Salo (Oct 31)
- Re: Jara 1.6 SQL injection and XSS Kurt Seifried (Oct 31)
- Re: Jara 1.6 SQL injection and XSS Kurt Seifried (Oct 31)