Hi Raphael, Ganglia maintainers On Thu, Feb 21, 2013 at 02:50:13PM +0100, Raphael Geissert wrote: > The other operations related to views (in views_view.php) are all > still vulnerable to XSS via the view_name GET parameter.
Also reported this now to upstream issue tracker, sorry for the delay. https://github.com/ganglia/ganglia-web/issues/160 Please include also the CVE for this issue in the changelog when fixing the issue, it's assigned CVE-2013-1770. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
