[Secure-testing-commits] r49593 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Mar 11 19:36:20 UTC 2017
Author: carnil
Date: 2017-03-11 19:36:20 +0000 (Sat, 11 Mar 2017)
New Revision: 49593
Modified:
data/CVE/list
Log:
Add roundcube issue, #857473
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-11 17:01:15 UTC (rev 49592)
+++ data/CVE/list 2017-03-11 19:36:20 UTC (rev 49593)
@@ -1,3 +1,9 @@
+CVE-2017-XXXX [XSS issue in handling of a style tag inside of an svg element]
+ - roundcube <unfixed> (bug #857473)
+ NOTE: https://github.com/roundcube/roundcubemail/commit/fa2824fdcd44af3f970b2797feb47652482c8305
+ NOTE: https://github.com/roundcube/roundcubemail/commit/cbd35626f7db7855f3b5e2db00d28ecc1554e9f4
+ NOTE: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-124
+ NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.1.8
CVE-2017-6813
RESERVED
CVE-2017-6812 (paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in ...)
More information about the Secure-testing-commits
mailing list