svn commit: r335649 - head/security/vuxml
Nicola Vitale
nivit at FreeBSD.org
Thu Dec 5 00:00:11 UTC 2013
Author: nivit
Date: Thu Dec 5 00:00:11 2013
New Revision: 335649
URL: http://svnweb.freebsd.org/changeset/ports/335649
Log:
- Document multiple XSS core vulnerabilities for Joomla!
(2.5.0 <= version <= 2.5.14, 3.0.0 <= version <= 3.1.5)
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Dec 4 23:58:52 2013 (r335648)
+++ head/security/vuxml/vuln.xml Thu Dec 5 00:00:11 2013 (r335649)
@@ -51,6 +51,44 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="4158c57e-5d39-11e3-bc1e-6cf0490a8c18">
+ <topic>Joomla! -- Core XSS Vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>joomla2</name>
+ <name>joomla3</name>
+ <range><ge>2.5.*</ge><le>2.5.14</le></range>
+ <range><ge>3.0.*</ge><le>3.1.5</le></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The JSST and the Joomla! Security Center report:</p>
+ <blockquote cite="http://developer.joomla.org/security/570-core-xss-20131101.html">
+ <h2>[20131101] Core XSS Vulnerability</h2>
+ <p>Inadequate filtering leads to XSS vulnerability in com_contact.</p>
+ </blockquote>
+ <blockquote cite="http://developer.joomla.org/security/571-core-xss-20131102.html">
+ <h2>[20131102] Core XSS Vulnerability</h2>
+ <p>Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.</p>
+ </blockquote>
+ <blockquote cite="http://developer.joomla.org/security/572-core-xss-20131103.html">
+ <h2>[20131103] Core XSS Vulnerability</h2>
+ <p>Inadequate filtering leads to XSS vulnerability in com_contact.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://developer.joomla.org/security/570-core-xss-20131101.html</url>
+ <url>http://developer.joomla.org/security/571-core-xss-20131102.html</url>
+ <url>http://developer.joomla.org/security/572-core-xss-20131103.html</url>
+ </references>
+ <dates>
+ <discovery>2013-11-01</discovery>
+ <entry>2013-12-04</entry>
+ </dates>
+ </vuln>
+
<vuln vid="d2073237-5b52-11e3-80f7-c86000cbc6ec">
<topic>OpenTTD -- Denial of service using forcefully crashed aircrafts</topic>
<affects>
More information about the svn-ports-all
mailing list