[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 7 08:46:42 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
95fe23c0 by Salvatore Bonaccorso at 2023-12-07T09:45:14+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,57 +1,57 @@
 CVE-2023-6568 (Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlf ...)
-	TODO: check
+	NOT-FOR-US: mlflow
 CVE-2023-6566 (Business Logic Errors in GitHub repository microweber/microweber prior ...)
-	TODO: check
+	NOT-FOR-US: microweber
 CVE-2023-5761 (The Burst Statistics \u2013 Privacy-Friendly Analytics for WordPress p ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5714 (The System Dashboard plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5713 (The System Dashboard plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5712 (The System Dashboard plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5711 (The System Dashboard plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5710 (The System Dashboard plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49225 (A cross-site-scripting vulnerability exists in Ruckus Access Point pro ...)
 	TODO: check
 CVE-2023-48861 (DLL hijacking vulnerability in TTplayer version 7.0.2, allows local at ...)
 	TODO: check
 CVE-2023-48860 (TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-48841 (Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Languag ...)
-	TODO: check
+	NOT-FOR-US: Appointment Scheduler
 CVE-2023-48840 (A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3 ...)
-	TODO: check
+	NOT-FOR-US: Appointment Scheduler
 CVE-2023-48839 (Appointment Scheduler 3.0 is vulnerable to Multiple Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: Appointment Scheduler
 CVE-2023-48838 (Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection iss ...)
-	TODO: check
+	NOT-FOR-US: Appointment Scheduler
 CVE-2023-48837 (Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues  ...)
-	TODO: check
+	NOT-FOR-US: Car Rental Script
 CVE-2023-48836 (Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scri ...)
-	TODO: check
+	NOT-FOR-US: Car Rental Script
 CVE-2023-48835 (Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > ...)
-	TODO: check
+	NOT-FOR-US: Car Rental Script
 CVE-2023-48834 (A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows  ...)
-	TODO: check
+	NOT-FOR-US: Car Rental Script
 CVE-2023-48833 (A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Cale ...)
-	TODO: check
+	NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48831 (A lack of rate limiting in pjActionAJaxSend in Availability Booking Ca ...)
-	TODO: check
+	NOT-FOR-US: Availability Booking Calendar
 CVE-2023-48830 (Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Lan ...)
-	TODO: check
+	NOT-FOR-US: Shuttle Booking Software
 CVE-2023-48828 (Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48827 (Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injecti ...)
-	TODO: check
+	NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48826 (Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the ...)
-	TODO: check
+	NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48825 (Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injec ...)
-	TODO: check
+	NOT-FOR-US: Availability Booking Calendar
 CVE-2023-48824 (BoidCMS 2.0.1 is vulnerable to Multiple Stored Cross-Site Scripting (X ...)
-	TODO: check
+	NOT-FOR-US: BoidCMS
 CVE-2023-48823 (A Blind SQL injection issue in ajax.php in GaatiTrack Courier Manageme ...)
 	TODO: check
 CVE-2023-48208 (A Cross Site Scripting vulnerability in Availability Booking Calendar  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95fe23c079c534650a0a54691a04de7ec5e06d88

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95fe23c079c534650a0a54691a04de7ec5e06d88
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231207/022169fc/attachment.htm>

More information about the debian-security-tracker-commits mailing list