Re: XSS vulnerability in CompuCMS
- From: security curmudgeon <jericho@xxxxxxxxxxxxx>
- Date: Tue, 28 Sep 2010 18:50:43 -0500 (CDT)
: Vulnerability ID: HTB22584
: Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_compucms.html
: Product: CompuCMS
: Vendor: CompuSoft A/S ( http://www.compusoft.dk/ )
: Vulnerable Version: Current at 06.08.2010 and Probably Prior Versions
Once again, you assign a "version" based on a date, not an actual product
version. Your language of "probably prior versions" indicates that you
don't even realize what you are testing, and can't figure out the basics
of the software.
According to the vendor:
http://www.compusoft.dk/index.asp?mode=produkt!compucms
This is a service, not a product. In the future, please indicate this in
your advisories.
- Prev by Date: [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference
- Next by Date: Fwd: 2.6.6 <= phpMyFAQ <= 2.6.8 XSS
- Previous by thread: [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference
- Next by thread: Fwd: 2.6.6 <= phpMyFAQ <= 2.6.8 XSS
- Index(es):
Relevant Pages
|
