[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Xymon monitor cross-site scripting vulnerabilities

To: Henrik Størner <henrik@xxxxxxx>
Subject: Re: Xymon monitor cross-site scripting vulnerabilities
From: Henri Salo <henri@xxxxxxx>
Date: Mon, 4 Apr 2011 21:41:56 +0300

On Sun, Apr 03, 2011 at 12:15:12PM +0200, Henrik Størner wrote:
> Several cross-site scripting vulnerabilities have been identified in
> the Xymon systems- and network-monitoring tool available at
> http://sourceforge.net/projects/xymon/
> 
> All versions prior to 4.3.1 (released April 3, 2011) are vulnerable.
> 
> I would like to thank David Ferrest for notifying me of this issue.
> 
> 
> Henrik Størner,
> lead Xymon developer.

Does these issues have CVE-identifier? Where can I see the full details of 
these vulnerabilities?

Best regards,
Henri Salo

References:
- Xymon monitor cross-site scripting vulnerabilities
  - From: Henrik Størner

Prev by Date: [USN-1102-1] tiff vulnerability
Next by Date: [USN-1104-1] FFmpeg vulnerabilities
Previous by thread: Xymon monitor cross-site scripting vulnerabilities
Next by thread: DC4420 - London DEFCON - April meet - Wednesday 22nd April 2011
Index(es):
- Date
- Thread