< Back to JetLib.com

jetlib.sec » Bugtraq » Multiple vulnerabilities in OSclass

« Expand/Collapse

Bugtraq

January 25, 2012
Multiple vulnerabilities in OSclass

Posted: January 25th, 2012, 8:47am PST

Tags:

Posted by advisory on Jan 25
Advisory ID: HTB23068
Reference: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_osclass.html
Product: OSclass
Vendor: osclass.org ( http://osclass.org/ )
Vulnerable Version: 2.3.3 and probably prior
Tested Version: 2.3.3
Vendor Notification: 04 January 2012
Vendor Patch: 16 January 2012
Vulnerability Type: SQL Injection, XSS (Cross Site Scripting)
Status: Fixed by Vendor
Risk Level: High
Credit: High-Tech Bridge SA Security...

← NGS00117 Patch Notification: Symantec... CSRF (Cross-Site Request Forgery) in ... →