From Mageia wiki
Jump to: navigation, search

MGASA-2012-0275

Date: September 23rd, 2012
Affected releases: 1


Description:
A vulnerability has been found and corrected in ocsinventory:

Cross-site scripting (XSS) vulnerability in ocsinventory in OCS
Inventory NG 2.0.1 and earlier allows remote attackers to inject
arbitrary web script or HTML via unspecified vectors (CVE-2011-4024).

The updated packages have been patched to correct this issue.


Updated Packages:
ocsinventory-server-1.3.3-1.1.mga1
ocsinventory-reports-1.3.3-1.1.mga1


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4024
https://bugs.mageia.org/show_bug.cgi?id=5252

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0275&oldid=11295"