Bug#500873: blosxom: XSS problem in the error flavour

Package: blosxom Version: 2.1.1-1 Severity: critical Tags: security Hi! Yoshinori Ohta of Business Architects Inc. found a XSS issue in blosxom related to handling of unknown flavour types. The fix is now commited to upstream CVS:

Bug#500873: blosxom: XSS problem in the error flavour

On Thu, October 2, 2008 10:43, Gerfried Fuchs wrote: Yoshinori Ohta of Business Architects Inc. found a XSS issue in blosxom related to handling of unknown flavour types. The fix is now commited to upstream CVS: http://blosxom.cvs.sourceforge.net/viewvc/blosxom/blosxom2/blosxom.cgi?r

Bug#500873: blosxom: XSS problem in the error flavour

* Thijs Kinkhorst [EMAIL PROTECTED] [2008-10-02 10:53:54 CEST]: On Thu, October 2, 2008 10:43, Gerfried Fuchs wrote: Yoshinori Ohta of Business Architects Inc. found a XSS issue in blosxom related to handling of unknown flavour types. The fix is now commited to upstream CVS:

Bug#500873: blosxom: XSS problem in the error flavour

severity 500873 important thanks On Thu, October 2, 2008 11:25, Gerfried Fuchs wrote: Not in itself, but it might be the case in connection with some plugin extensions that enable comments or web editing (none of them are shipped in Debian). I'm sorry to have wrongly put it as medium into the