Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

tdiary: cross-site scripting

Package(s):

tdiary

CVE #(s):

CVE-2010-0726

Created:

March 10, 2010

Updated:

March 10, 2010

Description:

From the Debian advisory:

It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insuficient input sanitising in the TrackBack transmission plugin.

Alerts:

Debian

DSA-2009-1

2010-03-09

(Log in to post comments)