Date: Thu, 5 Dec 2013 00:00:11 +0000 (UTC) From: Nicola Vitale <nivit@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r335649 - head/security/vuxml Message-ID: <201312050000.rB500B8L049893@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: nivit Date: Thu Dec 5 00:00:11 2013 New Revision: 335649 URL: http://svnweb.freebsd.org/changeset/ports/335649 Log: - Document multiple XSS core vulnerabilities for Joomla! (2.5.0 <= version <= 2.5.14, 3.0.0 <= version <= 3.1.5) Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Wed Dec 4 23:58:52 2013 (r335648) +++ head/security/vuxml/vuln.xml Thu Dec 5 00:00:11 2013 (r335649) @@ -51,6 +51,44 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="4158c57e-5d39-11e3-bc1e-6cf0490a8c18"> + <topic>Joomla! -- Core XSS Vulnerabilities</topic> + <affects> + <package> + <name>joomla2</name> + <name>joomla3</name> + <range><ge>2.5.*</ge><le>2.5.14</le></range> + <range><ge>3.0.*</ge><le>3.1.5</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>The JSST and the Joomla! Security Center report:</p> + <blockquote cite="http://developer.joomla.org/security/570-core-xss-20131101.html">; + <h2>[20131101] Core XSS Vulnerability</h2> + <p>Inadequate filtering leads to XSS vulnerability in com_contact.</p> + </blockquote> + <blockquote cite="http://developer.joomla.org/security/571-core-xss-20131102.html">; + <h2>[20131102] Core XSS Vulnerability</h2> + <p>Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.</p> + </blockquote> + <blockquote cite="http://developer.joomla.org/security/572-core-xss-20131103.html">; + <h2>[20131103] Core XSS Vulnerability</h2> + <p>Inadequate filtering leads to XSS vulnerability in com_contact.</p> + </blockquote> + </body> + </description> + <references> + <url>http://developer.joomla.org/security/570-core-xss-20131101.html</url>; + <url>http://developer.joomla.org/security/571-core-xss-20131102.html</url>; + <url>http://developer.joomla.org/security/572-core-xss-20131103.html</url>; + </references> + <dates> + <discovery>2013-11-01</discovery> + <entry>2013-12-04</entry> + </dates> + </vuln> + <vuln vid="d2073237-5b52-11e3-80f7-c86000cbc6ec"> <topic>OpenTTD -- Denial of service using forcefully crashed aircrafts</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312050000.rB500B8L049893>