oss-sec mailing list archives
Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2
From: cve-assign () mitre org
Date: Sat, 5 Dec 2015 09:40:23 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://www.redmine.org/issues/19117 http://www.redmine.org/projects/redmine/wiki/Security_Advisories
Use CVE-2015-8477. Is there any public information that associates 19117 with the "Potential XSS vulnerability when rendering some flash messages" "2.6.2 and 3.0.0" line, or are you providing this association based on your own involvement with the vulnerability disclosure? - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWYvcGAAoJEL54rhJi8gl5nR0P/i9TvDbn3wa+dS1oiUq8HWkb XB5DgXPb32ZAPoTQ98FC1Y8LJ9CEug4TPEvb+AnDBt8Nwt3jOcYZB3OVCSh+9gkq nZ4uvK394WzcqkfRrV9xFKpxk+moEKqmvSl2s/V+pMf1rWCMdZAgmt2aV4T65Qc9 FzzGrwi9CUyIHqXAKlQHTW8EQFRQ68iuyrGuqLS1rYRlitrLIhBjUy8SAXdXJXE4 7TK8YnRfVYW55gzWMaPZXzBC04KT+nHi+feuDz5vk6LHlSyI41rjmCGAR2YD4t5y Vh04s7EYisccjiN11ejEtXnD0kqxnH3OSs+B4aB6pansrlXTc+19Ke21hMeyDTNM 4vfcpJY/jjxgvIrzprPbyDnzg63Ac5pmsGbnSdLcDicvjgcziu4kyeF2ztHCci7a gwoyWJXN+vKmqohsd0jC667Lq8sKniH+6CG/MGKpQSplxDPLgP7emHCJJlBo5f/O Z4XE5Yt1L2RU9P+7qDtM6XhWZNpuN3gih5i2FNYFciQw7shlIM3oIZkVcj4E8FLy We+N6BhEB9eC5e8fT/RhqL4N/MHHbDevN/0rwzapQcWO65Pdxsuujn/qKI0+9XNA 2WFieGbm/7/Q5gwilRcjgbVV5s3CEEhM8lL4stCXyvIKwz2l5+Dxz+rX9E1+xbhC vLY6539EGsJ/bgO39p3U =rJ0Y -----END PGP SIGNATURE-----
Current thread:
- CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2 Henri Salo (Dec 04)
- Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2 cve-assign (Dec 05)