jetlib.sec » Bugtraq » Re: Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977)

Feeds

132969 items (1 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities (1 unread)
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• February 17, 2012
• 

  Re: Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977)

  Posted: February 17th, 2012, 8:45am PST

  Tags:   

  Posted by Rodrigo Rubira Branco \(BSDaemon\) on Feb 17

  Dear Kousuke,
  
  First of all, let me clarify that the disclosure process has been
  entirely coordinated by me, and thus, Wagner, Conviso and Check Point
  have no responsibilities over any mistake I eventually made.
  
  Anyway, just to clarify your points:
  
  I sent to the developer a complete advisory, including the exploit code.
  
  I never confused the vulnerabilities. And I never said the bug was
  patched... Maybe you should redirect this comment to...