add more details of CVE-2015-2793
parent
8ad932efd5
commit
0252e5703d
|
@ -500,9 +500,9 @@ as version 3.20100815.9. An upgrade is recommended for all sites.
|
|||
|
||||
## XSS via openid selector
|
||||
|
||||
Raghav Bisht discovered this XSS in the openid selector.
|
||||
Raghav Bisht discovered this XSS in the openid selector. ([[!cve CVE-2015-2793]])
|
||||
|
||||
The hole was reported on March 24th, a fix was developed on March 27th,
|
||||
and the fixed version was released on the 29th. A fix was backported
|
||||
to Debian wheezy as version 3.20141016.2. An upgrade is recommended for
|
||||
sites using CGI and openid.
|
||||
and the fixed version 3.20150329 was released on the 29th. A fix was backported
|
||||
to Debian jessie as version 3.20141016.2 and to Debian wheezy as version
|
||||
3.20120629.2. An upgrade is recommended for sites using CGI and openid.
|
||||
|
|
Loading…
Reference in New Issue