Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Fwd: XSS vulnerability in Joomla 1.6.3 - CVE-2011-2710 / CVE-2011-2708 issue
From: "Steven M. Christey" <coley () rcf-smtp mitre org>
Date: Tue, 22 Nov 2011 22:30:45 -0500 (EST)


Let's keep CVE-2011-2710 and we will reject CVE-2011-2708. Henri, I'm sorry about the lack of response :-(

- Steve


On Mon, 21 Nov 2011, Kurt Seifried wrote:


CVE-2011-2708 and CVE-2011-2710 are both about 20110701 XSS vulnerability: http://developer.joomla.org/security/news/357-20110701-xss-vulnerability.html and I have already contacted MITRE twice to get another one marked as obsolete.


Best regards,
Henri Salo

Ok CVE-2011-2710 is public in CVE and NVD:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2710, and
CVE-2011-2708 is still marked as reserved so we should probably quietly
take CVE-2011-2708 out back and shoot it.

CC'ing mitre.

--

-Kurt Seifried / Red Hat Security Response Team




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]