[Git][security-tracker-team/security-tracker][master] Add CVE-2020-16255/owncloud

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df034a7f by Salvatore Bonaccorso at 2021-01-19T07:26:46+01:00
Add CVE-2020-16255/owncloud

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47269,7 +47269,7 @@ CVE-2020-16257 (Winston 1.5.4 devices are vulnerable to command injection via th
 CVE-2020-16256 (The API on Winston 1.5.4 devices is vulnerable to CSRF. ...)
 	NOT-FOR-US: Winston devices
 CVE-2020-16255 (ownCloud (Core) before 10.5 allows XSS in login page 'forgot password. ...)
-	TODO: check
+	- owncloud <removed>
 CVE-2020-16254 (The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets ...)
 	NOT-FOR-US: Chartkick gem
 CVE-2020-16253 (The PgHero gem through 2.6.0 for Ruby allows CSRF. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df034a7f69609cad21fd1e81ff4a1138acaf94be

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df034a7f69609cad21fd1e81ff4a1138acaf94be
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210119/639aa003/attachment.html>