On Thu, Jan 03, 2019 at 10:45:36AM +0100, Daniel Bishtawi wrote: > We are glad to inform you about the vulnerabilities we reported in > Microweber 1.0.8. > Affected Versions: 1.0.8 > Homepage: https://github.com/microweber/microweber > Status: Not Fixed > CVE-ID: CVE-2018-19917 > Netsparker Advisory Reference: NS-18-038
> https://www.netsparker.com/web-applications-advisories/ns-18-038-reflected-cross-site-scripting-in-microweber/ > 13th April 2018- First Contact > 14th April 2018 - Technical Details Sent > 28th June 2018 - Attempted to Contact > 3rd January 2019 - Advisory Released How did you contact vendor? Are you sure that they didn't fix this? Latest version is 1.1.2 according to https://microweber.com/download. Do you plan to follow-up on this or is this case closed from your point of view? -- Henri Salo _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
