-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Oct 14, 2014 at 04:28:27PM +0000, sourav.infosec@xxxxxxxxx wrote: > I had reported few xss issues on LiveZilla 5.3.0.7 . They fixed it properly and informed me. Now latest build is 5.3.0.8 / 2014-09-25. > > http://changelog.livezilla.net/ > > Can you help me regarding CVE. I can send you the vulnerability details. CVE OpenSource Request HOWTO can be located at: http://people.redhat.com/kseifrie/CVE-OpenSource-Request-HOWTO.html As "Live!Zilla" product is open-source you can request CVE in public oss-security mailing list: http://oss-security.openwall.org/wiki/ http://www.openwall.com/lists/oss-security/ You should include following details to your request if available: - - Software and vendor name - - Type of vulnerability - - Link to vulnerable source code or fix - - Link to source code change log - - Link to security advisory - - Link to bug entry - - Affected versions - - Fixed in versions - - Proof of concept code/exploit I am more than happy to help you off-list or create the request with you. - --- Henri Salo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlRCNA0ACgkQXf6hBi6kbk/dywCgwMa7m0hu/rUgBGOvs8QFOcnv MGgAoJzWiIb9gTcNNqs1WbhvJa3bPskQ =r3Pj -----END PGP SIGNATURE-----
