oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request -BigTree CMS 4.2.13 Extension Form Builder Multiple Cross-Site Scripting (XSS)

From: haojun hou <haojunhou () gmail com>
Date: Wed, 7 Dec 2016 11:29:30 +0800
I reported multiple reflected cross-site scripting vulnerabilities in
BigTree CMS Extension Form Builder several days ago. Please assign CVEs if
you think they are suitable for identifiers.Thanks.

Affected version: BigTree CMS 4.2.13, From Builder 1.1

Reported by Tim Buckingham in
*https://github.com/bigtreecms/BigTree-CMS/issues/265
<https://github.com/bigtreecms/BigTree-CMS/issues/265>*

Fixed in:
https://github.com/Fastspot/bigtree-form-builder/commit/06fde0cc67ff121b212715031e12574f50970fcd

Thanks & Regards
Previous By Date Next
Previous By Thread Next

Current thread: