FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

geeklog xss vulnerability

Affected packages
geeklog < 1.4.1

Details

VuXML ID 60e1792b-c380-11dc-821a-000bcdc1757a
Discovery 2008-01-08
Entry 2008-01-15

Geeklog reports:

MustLive pointed out a possible XSS in the form to email an article to a friend that we're fixing with this release.

Please note that this problem only exists in Geeklog 1.4.0 - neither Geeklog 1.4.1 nor any older versions (1.3.x series) have that problem.

[source]

References

CVE Name CVE-2006-3756
URL http://www.geeklog.net/article.php/geeklog-1.4.0sr6

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.