lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <10f2404f350b9d68a1f29ab47291a7eb@securitynews.ir>
Date: Mon, 26 Jun 2006 20:33:34 +0430
From: "bug@...uritynews.ir" <bug@...uritynews.ir>
To: <bugtraq@...urityfocus.com>
Subject: Claroline Cross-Site Scripting Vulnerabilities


------------------------------------------------------------------
[#] Security Advisory
[^] http://securitynews.ir/

[>] Advisory Title: Claroline Cross-Site Scripting Vulnerabilities
[@] Author : bug [@] securitynews.ir
[$] Product Vendor : http://www.claroline.net/
[.] Affected Versions : 1.7.7 (and maybe before)
[/] Release Date : 06/26/2006
------------------------------------------------------------------
[*] Overview :
Claroline is a free application based on PHP/MySQL allowing 
teachers or education organizations to create and administrate 
courses through the web .
Several cross-site scripting bugs have been found in 
Claroline 1.7.7 .

[*] Details :
No exploitable details are going to be released .

[*] Solution :
Vendor contacted on 06/25/2006. The vendor has been released
a security patch :
http://www.claroline.net/dlarea/claroline.patch17701.zip

------------------------------
http://securitynews.ir/



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ