[asterisk-bugs] [Asterisk 0016139]: CVE-2008-7220: static-http/prototype.js is vulnerable to "cross-site ajax requests"

Asterisk Bug Tracker noreply at bugs.digium.com
Tue Oct 27 12:15:24 CDT 2009


The following issue has been SUBMITTED. 
====================================================================== 
https://issues.asterisk.org/view.php?id=16139 
====================================================================== 
Reported By:                jcollie
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   16139
Category:                   Core/HTTP
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     new
Asterisk Version:           SVN 
JIRA:                        
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2009-10-27 12:15 CDT
Last Modified:              2009-10-27 12:15 CDT
====================================================================== 
Summary:                    CVE-2008-7220: static-http/prototype.js is
vulnerable to "cross-site ajax requests"
Description: 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7220
https://bugzilla.redhat.com/show_bug.cgi?id=523277

====================================================================== 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-10-27 12:15 jcollie        New Issue                                    
2009-10-27 12:15 jcollie        Asterisk Version          => SVN             
2009-10-27 12:15 jcollie        Regression                => No              
2009-10-27 12:15 jcollie        SVN Branch (only for SVN checkouts, not tarball
releases) => N/A             
======================================================================




More information about the asterisk-bugs mailing list