[Secure-testing-commits] r51695 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 17 15:21:54 UTC 2017
Author: carnil
Date: 2017-05-17 15:21:54 +0000 (Wed, 17 May 2017)
New Revision: 51695
Modified:
data/CVE/list
Log:
Add new wordpress issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-17 13:05:40 UTC (rev 51694)
+++ data/CVE/list 2017-05-17 15:21:54 UTC (rev 51695)
@@ -1,3 +1,21 @@
+CVE-2017-XXXX [A cross-site scripting (XSS) vulnerability was discovered related to the Customizer]
+ - wordpress 4.7.5+dfsg-1 (bug #862816)
+ NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
+CVE-2017-XXXX [A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files]
+ - wordpress 4.7.5+dfsg-1 (bug #862816)
+ NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
+CVE-2017-XXXX [A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog]
+ - wordpress 4.7.5+dfsg-1 (bug #862816)
+ NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
+CVE-2017-XXXX [Lack of capability checks for post meta data in the XML-RPC API]
+ - wordpress 4.7.5+dfsg-1 (bug #862816)
+ NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
+CVE-2017-XXXX [Improper handling of post meta data values in the XML-RPC API]
+ - wordpress 4.7.5+dfsg-1 (bug #862816)
+ NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
+CVE-2017-XXXX [Insufficient redirect validation in the HTTP class]
+ - wordpress 4.7.5+dfsg-1 (bug #862816)
+ NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
CVE-2017-9024
RESERVED
CVE-2017-9023
More information about the Secure-testing-commits
mailing list