[Secure-testing-commits] r49603 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Mar 12 16:10:30 UTC 2017
Author: carnil
Date: 2017-03-12 16:10:30 +0000 (Sun, 12 Mar 2017)
New Revision: 49603
Modified:
data/CVE/list
Log:
CVE-2017-6820/roundcube assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-12 16:09:10 UTC (rev 49602)
+++ data/CVE/list 2017-03-12 16:10:30 UTC (rev 49603)
@@ -14,8 +14,6 @@
RESERVED
CVE-2017-6821
RESERVED
-CVE-2017-6820 (rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is ...)
- TODO: check
CVE-2017-6819 (In WordPress before 4.7.3, there is cross-site request forgery (CSRF) ...)
TODO: check
CVE-2017-6818 (In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is ...)
@@ -28,7 +26,7 @@
TODO: check
CVE-2017-6814 (In WordPress before 4.7.3, there is authenticated Cross-Site Scripting ...)
TODO: check
-CVE-2017-XXXX [XSS issue in handling of a style tag inside of an svg element]
+CVE-2017-6820 [XSS issue in handling of a style tag inside of an svg element]
- roundcube <unfixed> (bug #857473)
NOTE: https://github.com/roundcube/roundcubemail/commit/fa2824fdcd44af3f970b2797feb47652482c8305
NOTE: https://github.com/roundcube/roundcubemail/commit/cbd35626f7db7855f3b5e2db00d28ecc1554e9f4
More information about the Secure-testing-commits
mailing list