[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: XSS vulnerability in Eden Platform

To: advisory@xxxxxxxxxxx
Subject: Re: XSS vulnerability in Eden Platform
From: security curmudgeon <jericho@xxxxxxxxxxxxx>
Date: Sat, 14 Aug 2010 23:28:58 -0500 (CDT)

: Product: Eden Platform
: Vendor: Preation ( http://www.preation.com/ ) 
: Vulnerable Version: Current at 27.07.2010 and Probably Prior Versions
: Risk level: Medium 

The vendor web page has a free trial feature, with no obvious version. 
Your version of 01.07.2010 appears to be something you designated, perhaps 
based on the date you notified the vendor.

It appears this is a site specific issue in Preation / Eden.

Can you confirm this is a downloadable product and the version affected?

References:
- XSS vulnerability in Eden Platform
  - From: advisory

Prev by Date: Re: XSS vulnerability in Theeta CMS
Next by Date: Insecure secure cookie in Tornado
Previous by thread: XSS vulnerability in Eden Platform
Next by thread: SQL injection vulnerability in allinta CMS
Index(es):
- Date
- Thread