[Secure-testing-commits] r27110 - data/CVE
Thijs Kinkhorst
thijs at moszumanska.debian.org
Tue Jun 3 09:40:44 UTC 2014
Author: thijs
Date: 2014-06-03 09:40:44 +0000 (Tue, 03 Jun 2014)
New Revision: 27110
Modified:
data/CVE/list
Log:
mediawiki issue; cve requested
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-03 09:14:11 UTC (rev 27109)
+++ data/CVE/list 2014-06-03 09:40:44 UTC (rev 27110)
@@ -1,3 +1,6 @@
+CVE-2014-XXXX [mediawiki Javascript inject by anonymous users on private wikis with $wgRawHtml enabled]
+ - mediawiki <unfixed> (low)
+ NOTE: needs wgRawHTML enabled; may not be easy to exploit
CVE-2014-3940 [missing check during hugepage migration]
- linux <unfixed>
- linux-2.6 <removed>
More information about the Secure-testing-commits
mailing list