[VIM] StaticStore vendor ACK of XSS issue (CVE-2005-4284)

security curmudgeon jericho at attrition.org
Thu Dec 22 20:04:06 EST 2005

: After a bit of confusion, the vendor has now acknowledged the
: search.cgi XSS issue:
:    The vulnerability has been corrected...  thank you for bringing
:    that to our attention and the patched "search.cgi" has been emailed
:    to all customers and posted for download on our private forums.

Does this include the variation (possible seperate script) that Matthew 
reported here? Or did they not distinguish?

More information about the VIM mailing list