Summary: | Drupal module "flag" 6.x-1.1 allows for XSS | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Chris Rogers <crogers> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | web-apps |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://lampsecurity.org/drupal-flag-module-vulnerability | ||
Whiteboard: | B4 [upstream] | ||
Package list: | Runtime testing required: | --- |
Description
Chris Rogers
2009-08-18 15:30:47 UTC
Chris, thanks for the report. However, the flag module is not part of the www-apps/drupal package and thus Gentoo doesn't ship it. Unless my research was wrong, there's nothing we can do. Otherwise please reopen. |