New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
2.2.7 Cross Site Scripting Vulnerability #17
Comments
|
I'll publish Search.php fix shortly but I were unable to reproduce POST XSS in profile.php |
|
CVE-2015-2217 has been assigned for this issue. Please use it in your ChangeLog when releasing new version, thanks. Could you create new release with this fix, thanks? |
|
I'll have a look in to this issue, it would need confirming that it is fixed before we release the next version. |
|
So looking at this, it is not fixed, but we have to cURL it to do the final test as I can't replicate. |
|
Okay, this is official, bug has been previously sanitized. Cannot reproduce. I can change all the detail's in cURL but unable to create the bug, even using the original CVE. |
http://seclists.org/bugtraq/2015/Mar/15
The text was updated successfully, but these errors were encountered: