severity 726976 important thanks Hi
As the attack vector includes that malicious data via POST I think it's safe to downgrade the severity to important. p.s.: I have requested a CVE for this issue on the oss-security list. Regards Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org