[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Jul 18 21:16:38 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7eb3209a by Salvatore Bonaccorso at 2018-07-18T22:16:17+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,9 +1,9 @@
CVE-2018-14389 (joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val ...)
- TODO: check
+ NOT-FOR-US: joyplus-cms
CVE-2018-14388 (joyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php ...)
- TODO: check
+ NOT-FOR-US: joyplus-cms
CVE-2018-14387 (An issue was discovered in WonderCMS before 2.5.2. An attacker can ...)
- TODO: check
+ NOT-FOR-US: WonderCMS
CVE-2018-14386
RESERVED
CVE-2018-14385
@@ -13,7 +13,7 @@ CVE-2018-14384
CVE-2018-14383
RESERVED
CVE-2018-14382 (InstantCMS 2.10.1 has /redirect?url= XSS. ...)
- TODO: check
+ NOT-FOR-US: InstantCMS
CVE-2018-14381 (Pagekit before 1.0.14 has a /user/login?redirect= open redirect ...)
TODO: check
CVE-2018-14380 (In Graylog before 2.4.6, XSS was possible in typeahead components, ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7eb3209a8f850f72c8188a98e08da1520d2be5bc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7eb3209a8f850f72c8188a98e08da1520d2be5bc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180718/9359e5be/attachment.html>
More information about the debian-security-tracker-commits
mailing list