Package: acidbase Severity: important Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for acidbase.
CVE-2007-6156[0]: | Multiple cross-site scripting (XSS) vulnerabilities in | base_qry_main.php in Base Analysis and Security Engine (BASE) before | 1.3.9 allow remote attackers to inject arbitrary web script or HTML | via the (1) sig[0] and (2) sig[1] parameters. If you fix this vulnerability please also include the CVE id in your changelog entry. A patch for this can be found on: http://secureideas.cvs.sourceforge.net/secureideas/base-php4/index.php?r1=1.27&r2=1.28 For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6156 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpQ9Rs7A9qcf.pgp
Description: PGP signature
