Summary: | dev-php/PHPMailer: XSS in code_generator.php (CVE-2017-11503) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Aleksandr Wagner (Kivak) <alwag> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | mjo, php-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | ~4 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Aleksandr Wagner (Kivak)
2017-07-24 17:27:14 UTC
The reported problem is in an example, and not in the PHPMailer code. I don't see any upstream activity at all regarding this CVE (did anyone report it...?), so I presume the problem still exists. As a quick workaround, I just dropped that vulnerable example from our ebuild. |