[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, CVE-2008-3664



Both the XSS and SQL injection vulnerabilities  have now been addressed in the XRMS code currently residing in CVS.  A general filtering mechanism has been implemented to sanitize all GET, POST, COOKIE, REQUEST and SERVER data.