[Git][security-tracker-team/security-tracker][master] Add two issues in seafile (server part, seafile-server, itp'ed)

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4bf5d37e by Salvatore Bonaccorso at 2023-12-09T09:51:09+01:00
Add two issues in seafile (server part, seafile-server, itp'ed)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37931,9 +37931,9 @@ CVE-2023-28876 (A Broken Access Control issue in comments to uploaded files in F
 CVE-2023-28875 (A Stored XSS issue in shared files download terms in Filerun Update 20 ...)
 	NOT-FOR-US: Filerun
 CVE-2023-28874 (The next parameter in the /accounts/login endpoint of Seafile 9.0.6 al ...)
-	TODO: check
+	- seafile-server <itp> (bug #865830)
 CVE-2023-28873 (An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows atta ...)
-	TODO: check
+	- seafile-server <itp> (bug #865830)
 CVE-2023-28872
 	RESERVED
 CVE-2023-28871 (Support Assistant in NCP Secure Enterprise Client before 12.22 allows  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bf5d37e1efce5750ec469d6c8b126d4fa4325f5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bf5d37e1efce5750ec469d6c8b126d4fa4325f5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231209/22ef088b/attachment-0001.htm>