User: Password:
Subscribe / Log in / New account

slash: SQL injection, cross-site scripting

Package(s):slash CVE #(s):CVE-2008-2231 CVE-2008-2553
Created:September 2, 2008 Updated:September 3, 2008
Description: From the Debian alert: It has been discovered that Slash, the Slashdot Like Automated Storytelling Homepage suffers from two vulnerabilities related to insufficient input sanitation, leading to execution of SQL commands (CVE-2008-2231) and cross-site scripting (CVE-2008-2553).
Debian DSA-1633-1 slash 2008-09-01

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds