224081 CVE-2008-2494 2008-05-29 12:49 0000 www-apps/zina <1.0_rc4 XSS and directory traversal vulnerability in index.php (CVE-2008-{2494,2495}) 2008-09-07 17:41:42 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED ~4 [noglsa] P2 trivial --- 1 vorlon@gentoo.org security@gentoo.org vorlon@gentoo.org 2008-05-29 12:49:37 0000 CVE-2008-2494 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2494): Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter. rbu@gentoo.org 2008-08-25 21:13:30 0000 Fixed in 1.0rc4: http://sourceforge.net/project/shownotes.php?group_id=82527&release_id=620601 wrobel@gentoo.org 2008-09-07 17:35:54 0000 Added 1.0_rc4, removed 1.0_rc3, webapps done. py@gentoo.org 2008-09-07 17:41:42 0000 (In reply to comment #2) > Added 1.0_rc4, removed 1.0_rc3, webapps done. > Thanks, closing wihtout glsa.