[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664
- From: gopherit@xxxxxxxxxxxxxxxxxxxxx
- Date: Thu, 7 Oct 2010 15:24:45 -0600
Both the XSS and SQL injection vulnerabilities have now been addressed in the
XRMS code currently residing in CVS. A general filtering mechanism has been
implemented to sanitize all GET, POST, COOKIE, REQUEST and SERVER data.