Author: nion Date: 2007-10-20 14:08:20 +0000 (Sat, 20 Oct 2007) New Revision: 7040 Modified: data/CVE/list Log: checked jspwiki vulnerabilities Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-20 13:11:18 UTC (rev 7039) +++ data/CVE/list 2007-10-20 14:08:20 UTC (rev 7040) @@ -1404,17 +1404,14 @@ CVE-2007-5122 (SQL injection vulnerability in store_info.php in SoftBiz Classifieds ...) NOT-FOR-US: SoftBiz Classifieds PLUS CVE-2007-5121 (Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta ...) - - jspwiki <unfixed> (medium; bug #445477) + - jspwiki <not-affected> (The version we ship does not process a redirect parameter in Login.jsp and other source files) [sarge] - jspwiki <no-dsa> (Contrib not supported) - TODO: check, if affected at all CVE-2007-5120 (Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 ...) - jspwiki <unfixed> (medium; bug #445477) [sarge] - jspwiki <no-dsa> (Contrib not supported) - TODO: check, if affected at all CVE-2007-5119 (JSPWiki 2.4.103 and 2.5.139-beta allows remote attackers to obtain ...) - jspwiki <unfixed> (medium; bug #445477) [sarge] - jspwiki <no-dsa> (Contrib not supported) - TODO: check, if affected at all CVE-2007-5118 (Unspecified vulnerability in the HID (Human Interface Device) class ...) NOT-FOR-US: Solaris CVE-2007-5117 (Multiple PHP remote file inclusion vulnerabilities in FrontAccounting ...)