[Secure-testing-commits] r53967 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 27 03:10:10 UTC 2017
Author: carnil
Date: 2017-07-27 03:10:10 +0000 (Thu, 27 Jul 2017)
New Revision: 53967
Modified:
data/CVE/list
Log:
Add new cacti issue, #869848
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-26 21:48:10 UTC (rev 53966)
+++ data/CVE/list 2017-07-27 03:10:10 UTC (rev 53967)
@@ -1,3 +1,10 @@
+CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in auth_profile.php]
+ - cacti <unfixed> (bug #869848)
+ [stretch] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
+ [jessie] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
+ [wheezy] - cacti <not-affected> (Vulnerable code introduced later with addition of user profile management page for users)
+ NOTE: https://github.com/Cacti/cacti/issues/867
+ NOTE: /for/fohttps://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c
CVE-2017-11667 (OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session ...)
NOT-FOR-US: OpenProject
CVE-2017-11666 (Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the ...)
More information about the Secure-testing-commits
mailing list