oss-sec mailing list archives
Fwd: Re: CVE Request: ownCloud 5.0.5 and 4.5.10
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 17 Apr 2013 14:40:41 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This was brought to my attention: https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd +* Fixed possible XSS attack through `file=` parameter in `flashmediaelement.swf` This may have been requested already, I haven't seen it. Please use CVE-2013-1967 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRbwjJAAoJEBYNRVNeJnmTRYIQALmGiZ9R7D2yuV3D+8EWTON4 29y17zF2yfMdGgG98HXBVhNWCFST1qjhSzdDLZA1iH5B9cxI9m80ztB3ELehXemJ TZuv6kadgxbQN64hPbTP+TfoRpsIqA5cwdIitFbC5FhOm6K6tCySUlFxD9xrmiFf AVhMjGexIsbnuqSHAYHJGwWD2SIesF8rGNcOzb2AWLQvYetUcd2r62RZiaIbJi9m kqGOnjvnFS7RicL/xeJagkQD/9zuRXaZqstBieV9SyhKgPymvFITVPw9keXiE/W1 D4G/az1f4FJ2Vuyh4qTeKEOVXb7HZDpCCn/mxQja/V0SzAhrh1/d8U29JXPsw03D aAY8tdZKFLU8UmyAsRFiNd09Pud5UV0dag/cNQstVrQnHuriaFurGNKC+bsf0n64 6USjHmtSxc79skB3AilZmhmPQPFB5T0nG/47P9xKZiw/Thri+eGQGgoMfLKgSsNT izgyIwOVNah16RANHWJ55+ExrnbRI6MkHFSHbqgpSia2xgDt6JpUKKQQazgDoUOa pnubWg3jr14fyi53ytQuMh8mgEI8LYeSsktAMxAPJAKSI6303LEOwlgPTWYSfUlv YHDiQq6i9TE+cMI3XCR8djJ3Pv7gHhbPW7z3J2jFIBSgjxmtdCKX2yLPrf10S+/9 ps6+fwe5HmCVbhd09NPE =LFeY -----END PGP SIGNATURE-----
Current thread:
- Fwd: Re: CVE Request: ownCloud 5.0.5 and 4.5.10 Kurt Seifried (Apr 17)