*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: serendipity References: DSA-1528-1 (http://www.debian.org/security/2008/dsa-1528) Quoting: "Peter Hüwe and Hanno Böck discovered that Serendipity, a weblog manager, did not properly sanitise input to several scripts which allowed for cross site scripting." ** Affects: serendipity (Ubuntu) Importance: Undecided Status: New ** Affects: serendipity (Debian) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6205 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-0124 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1476 ** Bug watch added: Debian Bug tracker #469667 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469667 ** Also affects: serendipity (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469667 Importance: Unknown Status: Unknown -- [serendipity] [CVE-2007-6205, CVE-2008-0124, CVE-2008-1476] insufficient input sanitising https://bugs.launchpad.net/bugs/210130 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
