Summary: | www-apps/joomla < 1.5.8: XSS | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://developer.joomla.org/security/news/283-20081101-core-comcontent-xss-vulnerability.html | ||
Whiteboard: | ~4 [ebuild] | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
2008-11-13 11:58:42 UTC
Not sure whether ~ is appropriate here, but a package which has already been masked for security reasons is probably considered even less important than an ~arch only package. Also: Name: CVE-2008-5053 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5053 Published: 2008-11-13 Severity: Description: PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. Added www-apps/joomla-1.5.8, removed www-apps/joomla-1.5.7. webapps done. Thanks, closing then. |