[Git][security-tracker-team/security-tracker][master] Add unfixed php-horde-mime-viewer XSS issue
Paul Wise (@pabs)
pabs at debian.org
Tue Feb 22 23:16:34 GMT 2022
Paul Wise pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f64a5b54 by Paul Wise at 2022-02-23T07:15:29+08:00
Add unfixed php-horde-mime-viewer XSS issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2022-XXXX [Account Takeover via Email of OpenOffice file containing XSS exploit]
+ - php-horde-mime-viewer <unfixed>
+ NOTE: https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/
+ NOTE: Introduced: https://github.com/horde/Mime_Viewer/commit/325a7ae2663dd9c50e85fe515033454669f16f28
CVE-2022-25762
RESERVED
CVE-2022-25757
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f64a5b5451c4f7a24c95f076263d519b1f1da396
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f64a5b5451c4f7a24c95f076263d519b1f1da396
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220222/a4e256b7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list