| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Mar 2019 10:03:59 +0200 From: Henri Salo <henri@...v.fi> To: Tim Coen <tc.coen@...il.com> Cc: fulldisclosure@...lists.org Subject: Re: [FD] Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Tue, Feb 05, 2019 at 04:25:25PM +0100, Tim Coen wrote: > https://security-consulting.icu/blog/2019/02/wordpress-contact-form-email-xss-csrf/ MITRE assigned CVE-2019-9646 for this vulnerability. - -- Henri Salo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE/aVSDznAZReWTkxKJ633pE6qdXQFAlyGFm8ACgkQJ633pE6q dXQMag/9HwJzpEZjPk9YIWAFjUczgq9SbFTL/eKEzoXtqLXIyTed30nvvrfLpICm RVdEpTgZQZQUow9WJKf05+jU2rnu+Tv5mGW+9rC8xZ3gSShrxPj5yIVVOBsYTMJ9 9qKEWssRKB76hRF2PJn8I7SgKHlpxshZziOdq25MoXrp2+rOmhdBfuHaCezDMhGS zIBdMYQcEU0wmq1BRbTtvdLRHqBoo2fgAJaIbonCO+Zin7tVMoI8lpmq3c8wB/ng GIRCcDntz/AF1/BO4Gxvvc3vuJdg3xrunjj9yZ68c0Txue8JCHx9XMTCB4U9upGU Bt/QzAQ2SruV8yzqJeX5tNP5XSi86bdrgufyYC0ceGQo+DzKVNtJ9zoO98bZ7Kzm BeIwUWmPMdGP0jyXEY0jmgGEhfb690jF+d8kcf60qOdZralxBtjfeDau3DpFWbPo Qi+aFNBuBDeJMm7ZHPfaKlXWHHlr5unbWxAevJ1lMyCCLU4QRc2Ltq90MkHuqKc8 difYWTS9BgFLHKyRrwRLq5LB4hevATskWZycCPgcyBC308B8miCSZtlkqFwwZdxI XEvqMP0V8ZB0GXLUVmjUN31JyighInUvRdJ7U03TSqcJc+j+U1xlGcmeACeITNbu s/VaaKE6cijIDaO5aTD47fGqy3iGC4uLljUPTQCr84SyTIjUBOE= =SBrL -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists