Re: [Secure-testing-team] [Secure-testing-commits] r7192 - data/CVE

Florian Weimer Fri, 02 Nov 2007 01:13:20 -0800

>  CVE-2007-5695 (command.php in SiteBar 3.3.8 allows remote attackers to 
> redirect users ...)
> -     - sitebar <unfixed> (low; bug #448690)
> +     - sitebar <unfixed> (unimportant; bug #448690)
> +     NOTE: there is no real exploit scenario


I disagree with that assessment.  Open redirectors pose at least a very
real reputation risk.

_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team

Re: [Secure-testing-team] [Secure-testing-commits] r7192 - data/CVE

Reply via email to