Author: alec-guest Date: 2006-09-24 15:32:05 +0000 (Sun, 24 Sep 2006) New Revision: 4757 Modified: data/CVE/list Log: CVE-2005-2350: websieve removed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-22 09:14:25 UTC (rev 4756) +++ data/CVE/list 2006-09-24 15:32:05 UTC (rev 4757) @@ -20926,7 +20926,7 @@ - zoo 2.10-4 (low; bug #309594) CVE-2005-2350 [Cross Site Scripting in websieve] RESERVED - - websieve <unfixed> (bug #311838; low) + - websieve <removed> (bug #311838; low) NOTE: second half of bug suggets lack of escaping of user data NOTE: could be used to compromise program somehow NOTE: that is not covered by the CVE though due to vagueness