oss-sec mailing list archives
CVE: Request
From: Puneeth Gowda <puneethis021 () gmail com>
Date: Wed, 29 Jan 2014 20:40:43 +0530
Kindly issue the CVE-ID. I have reported cross site scripting(xss) in Nokia Maps & Places(v:1.6.6) wordpress plugin. Link: http://wordpress.org/plugins/nokia-mapsplaces/ Disclosed to plugins () wordpress org : 18/01/2014 Contacted author via twitter : No response vulnerable link from wordpress svn : http://plugins.svn.wordpress.org/nokia-mapsplaces/tags/1.6.6/page/place.html Issue Fixed on : 20/01/2014 Reference for change log : https://plugins.trac.wordpress.org/log/nokia-mapsplaces/ Regards Puneeth Gowda CEH | OSCP puneethis021 () gmail com ---------- Forwarded message ---------- From: Puneeth Gowda <puneethis021 () gmail com> Date: Sat, Jan 18, 2014 at 5:15 PM Subject: Vulnerability in Nokia Maps & Places (Version:1.6.6) To: plugins () wordpress org Hi, I would like to report cross site scripting(xss) in Nokia Maps & Places(v:1.6.6) wordpress plugin. Please find the attached document for POC. Kindly let me know if you face any issues while reproducing POC. Thanks Puneeth Gowda
Attachment:
XSS in Nokia Maps & Places plugin v 1.6.6.pdf
Description:
Current thread:
- CVE: Request Puneeth Gowda (Jan 29)
- Re: CVE: Request cve-assign (Jan 29)