oss-sec mailing list archives
Re: Mibew messenger multiple XSS
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 01 Feb 2012 14:45:10 -0700
On 01/31/2012 08:22 AM, Henri Salo wrote:
This seems to need 2012 CVE-identifier. Advisory: http://seclists.org/bugtraq/2012/Jan/177 Codseq own advisory: http://www.codseq.it/advisories/mibew_messenger_multiple_xss OSVDB: http://osvdb.org/show/osvdb/78663 Secunia: http://secunia.com/advisories/47787/ At the moment http://mibew.org/ does not work for me. - Henri Salo
Please use CVE-2012-0829 for this issue. P.S. for some reason OSVDB lists this as a CSRF issue (?) which is mentioned in the advisory but not really shown. -- Kurt Seifried Red Hat Security Response Team (SRT)
Current thread:
- Mibew messenger multiple XSS Henri Salo (Jan 31)
- Re: Mibew messenger multiple XSS Kurt Seifried (Feb 01)
- XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS) Steven M. Christey (Feb 01)
- RE: XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS) Carsten Eiram (Feb 01)
- Re: XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS) Filippo Cavallarin (Feb 02)
- XSS hiding CSRF (was: Re: [oss-security] Mibew messenger multiple XSS) Steven M. Christey (Feb 01)
- Re: Mibew messenger multiple XSS Kurt Seifried (Feb 01)