[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-6561/dojo

Sat Feb 3 14:07:19 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3a58ba7c by Salvatore Bonaccorso at 2018-02-03T15:07:05+01:00
Add CVE-2018-6561/dojo

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -95,7 +95,8 @@ CVE-2018-6563
 CVE-2018-6562
 	RESERVED
 CVE-2018-6561 (dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute ...)
-	TODO: check
+	- dojo <unfixed>
+	NOTE: https://github.com/imsebao/404team/blob/master/dijit_editor_xss.md
 CVE-2018-6560 (In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and ...)
 	- flatpak 0.10.3-1 (bug #888842)
 	[stretch] - flatpak <no-dsa> (Minor issue; will be fixed via point release)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a58ba7c31bb7c06e1b8f91c6a27c5460fcdb3f6

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a58ba7c31bb7c06e1b8f91c6a27c5460fcdb3f6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180203/c8cdd7d5/attachment.html>
