> > Two CVE's were assigned recently for 'ancient' Collabtive security issues: > > > > CVE-2010-5284 > > http://www.exploit-db.com/exploits/15240 > > > > CVE-2010-5285 > > http://www.exploit-db.com/exploits/15240
FWIW the exploit-db webpage points at three different problems, two XSS and one CSRF. The XSS are not present in collabtive 0.7.6, but the CSRF is. I'm getting in touch with the authors right now. Thanks! -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
