[Secure-testing-commits] r48609 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 31 13:10:09 UTC 2017
Author: carnil
Date: 2017-01-31 13:10:09 +0000 (Tue, 31 Jan 2017)
New Revision: 48609
Modified:
data/CVE/list
Log:
Remove unneded TODO
Once MITRE will reject the entry we can clean it up. Until then this is
still associated with given refences. It is marked as unimportant
already.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-31 13:09:59 UTC (rev 48608)
+++ data/CVE/list 2017-01-31 13:10:09 UTC (rev 48609)
@@ -15249,7 +15249,6 @@
NOTE: https://www.exploit-db.com/exploits/39937/
NOTE: Claimed to be not a vulnerability but a superadmin using a feature
NOTE: as intended. 1:3.0.6+dfsg-1 improved the API script.execute validation.
- TODO: wait for CVE REJECT and remove entry
CVE-2016-9139 [An attacker could trick an authenticated agent or customer into opening a malicious attachment which could lead to the execution of JavaScript in OTRS context]
RESERVED
{DLA-787-1}
More information about the Secure-testing-commits
mailing list