| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Jan 2011 17:31:53 +0800 From: YGN Ethical Hacker Group <lists@...g.net> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com, bugs@...uritytracker.com, vuln@...unia.com, secalert@...urityreason.com, news@...uriteam.com, vuln@...urity.nnov.ru, moderators@...db.org Subject: Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability Joomla! Security Team has confirmed that this issue will not be fixed. >> While noted, your exploit report does not fall within the JSST remit as >> we no longer support J1.0.x branch (as you are aware and indicate). >> The vulnerability mentioned is not known to exist in any current supported release. >> Please ensure you are using the latest version of Joomla! The advisory has been updated with vendor's response: http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.0.x~15%5D_cross_site_scripting The CVE ID, CVE-2011-0005, has been assigned for it. --------------------------------- Best regards, YGN Ethical Hacker Group Yangon, Myanmar http://yehg.net Our Lab | http://yehg.net/lab Our Directory | http://yehg.net/hwd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists