mailing list archives
Re: CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7
From: Henri Salo <henri () nerv fi>
Date: Wed, 10 Oct 2012 08:13:33 +0300
On Tue, Oct 09, 2012 at 10:58:11PM -0600, Kurt Seifried wrote:
I'm wondering,there seems to be some gaps in Joomla CVE assignments,
are there other Joomlas that need CVEs as well?
Probably. I have been requesting these once I notice CVE is missing. It would help a lot if Joomla would put CVEs to
advisories once assigned. This list also contains lots of issues, which needs verification and coordination:
Usually Joomla does not reply to emails sent to address security () j<snip>.org (other than autoreply).
- Henri Salo