[Git][security-tracker-team/security-tracker][master] Add CVE-2018-17572/influxdb

Tue Mar 3 14:10:13 GMT 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9645ea8a by Salvatore Bonaccorso at 2020-03-03T15:09:40+01:00
Add CVE-2018-17572/influxdb

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -85383,7 +85383,8 @@ CVE-2018-17574 (An issue was discovered in YMFE YApi 1.3.23. There is stored XSS
 CVE-2018-17573 (The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbi ...)
 	NOT-FOR-US: Wp-Insert plugin for WordPress
 CVE-2018-17572 (InfluxDB 0.9.5 has Reflected XSS in the Write Data module. ...)
-	TODO: check
+	- influxdb 0.9.6.1+dfsg1-1
+	NOTE: https://gist.github.com/Raghavrao29/1cb84f1f2d8ce993fd7b2d1366d35f48
 CVE-2018-17571 (Vanilla before 2.6.1 allows XSS via the email field of a profile. ...)
 	NOT-FOR-US: Vanilla
 CVE-2018-17570 (utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9645ea8a5dc74b359d39e83c912887368260c4bf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9645ea8a5dc74b359d39e83c912887368260c4bf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200303/d533129c/attachment.html>
