On Wed, Jan 23, 2019 at 01:10:08PM +0100, Daniel Bishtawi wrote: > We are glad to inform you about the vulnerabilities we reported in > Coppermine 1.5.46. > > Status: Fixed > CVE-ID: 2018-14478 > https://www.netsparker.com/web-applications-advisories/ns-18-050-cross-site-scripting-in-coppermine/
Fixed in 1.5.48. Vendor advisory: http://forum.coppermine-gallery.net/index.php/topic,79577.0.html You might want to repeat your security testing on modified parts of the application. -- Henri Salo _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
