[ZendTo] Re: ZendTo: Release 4.11-13
Jules
Jules at zend.to
Tue Dec 17 10:44:29 GMT 2013
On 16/12/2013 17:31, John Thurston wrote:
> On 12/14/2013 4:47 AM, Jules wrote:
>> Folks,
>>
>> I have just released a new version to fix the vulnerability found by
>> Richard Rogerson in ZendTo. It's a cross-site scripting vulnerability
>> that I let through by mistake.
> I have searched the list archives and looked on the zend.to web pages
> but can find no reference to the vulnerability you mention. Has it been
> discussed in the mail list (and I haven't yet hit on the right search
> terms to find it)?
>
It's CVE-2013-6808, which you should be able to find on the web.
Jules
--
Julian Field MEng MBCS CITP CEng
'I've heard that it's possible to grow up. I've just never met
anyone who's actually done it.' - Meredith Grey, Grey's Anatomy
www.Zend.To
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
More information about the ZendTo
mailing list