[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CGI:IRC XSS issue (CVE-2011-0050)
- To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, irc-security@xxxxxxxxxxxxxxxxxxx
- Subject: CGI:IRC XSS issue (CVE-2011-0050)
- From: David Leadbeater <dgl@xxxxxx>
- Date: Wed, 9 Feb 2011 11:41:45 +0000
Michael Brooks (Sitewatch) discovered an XSS issue in the nonjs
interface that allowed HTML injection via a crafted parameter.
0.5.10 is now available. This is actually just 0.5.9 with the
following fix:
- CVE-2011-0050: XSS in R param in nonjs interface
David