[Secure-testing-commits] r56014 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 22 14:09:53 UTC 2017
Author: carnil
Date: 2017-09-22 14:09:52 +0000 (Fri, 22 Sep 2017)
New Revision: 56014
Modified:
data/CVE/list
Log:
Add wordpress issues as CVE should be assigned shortly
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-22 12:04:38 UTC (rev 56013)
+++ data/CVE/list 2017-09-22 14:09:52 UTC (rev 56014)
@@ -1,3 +1,21 @@
+CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the link modal]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in template names]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [Path traversal vulnerability in the customizer]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [Open redirect in the user and term edit screens]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the plugin editor]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [Path traversal vulnerability in the file unzipping code]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the visual editor]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [Cross-site scripting (XSS) vulnerability in the oEmbed discovery]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
+CVE-2017-XXXX [$wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi)]
+ - wordpress 4.8.2+dfsg-1 (bug #876274)
CVE-2017-14701
RESERVED
CVE-2017-14700
More information about the Secure-testing-commits
mailing list