https://bugzilla.redhat.com/show_bug.cgi?id=1254111
--- Comment #3 from Martin Prpic <[email protected]> --- A second flaw has also been assigned a CVE: RT 4.2.0 and above are vulnerable to a cross-site scripting (XSS) attack via the cryptography interface. This vulnerability could allow an attacker with a carefully-crafted key to inject JavaScript into RT's user interface. Installations which use neither GnuPG nor S/MIME are unaffected. This has been assigned CVE-2015-6506: http://seclists.org/oss-sec/2015/q3/384 -- You are receiving this mail because: You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/perl-devel
