Package: pluxml Version: 5.5-2 Severity: grave Tags: security upstream https://nvd.nist.gov/vuln/detail/CVE-2017-1001001 https://github.com/pluxml/PluXml/issues/253
PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can result in escalation of privileges. Two problems: - Cross-site scripting vulnerability with "writer" role - Missing HttpOnly flag -- Henri Salo
signature.asc
Description: PGP signature