https://bugzilla.redhat.com/show_bug.cgi?id=1254111 --- Comment #3 from Martin Prpic <mprpic@xxxxxxxxxx> --- A second flaw has also been assigned a CVE: RT 4.2.0 and above are vulnerable to a cross-site scripting (XSS) attack via the cryptography interface. This vulnerability could allow an attacker with a carefully-crafted key to inject JavaScript into RT's user interface. Installations which use neither GnuPG nor S/MIME are unaffected. This has been assigned CVE-2015-6506: http://seclists.org/oss-sec/2015/q3/384 -- You are receiving this mail because: You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/perl-devel
