[Secure-testing-team] [Secure-testing-commits] r12595 - in data: CVE DSA
Giuseppe Iuculano
giuseppe at iuculano.it
Fri Aug 14 22:05:48 UTC 2009
Michael S Gilbert ha scritto:
>> [1]http://wordpress.org/development/2007/04/wordpress-213-and-2010/
>
> i still don't see CVE-2007-4483 claimed fixed there. so the
- "These releases include fixes for several publicly known minor XSS issues"
- CVE-2007-4483 claimed wordpress 2.1.3 as fixed version
- PoC doesn't work in 2.0.10
We haven't any code references for this XSS issue, so with the above
considerations I think is reasonable to deduce it was fixed in 2.0.10.
> so you will need to test
> the proof-of-concept when using that theme.
Yes, I tested the proof-of-concept with the classic theme.
Cheers,
Giuseppe.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20090815/fd311726/attachment.pgp>
More information about the Secure-testing-team
mailing list