Hi Gregory, * Gregory Colpart <[EMAIL PROTECTED]> [2008-07-27 15:23]: > There is a small XSS/unescaped output (only exploitable by > someone who can create a contact, and requiring the victim to > have access to that contact). [...] This seems to be already fixed in unstable. Which version did fix this? I can't see an old CVE id describing this problem, is a new CVE id needed for this one?
Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgp09HBEgC2ZM.pgp
Description: PGP signature