[Git][security-tracker-team/security-tracker][master] Add new roundcube issue, #1052059
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 18 20:37:20 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0b27626 by Salvatore Bonaccorso at 2023-09-18T21:36:18+02:00
Add new roundcube issue, #1052059
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2023-XXXX [cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages]
+ - roundcube 1.6.3+dfsg-1 (bug #1052059)
+ NOTE: https://roundcube.net/news/2023/09/15/security-update-1.6.3-released
+ NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/e92ec206a886461245e1672d8530cc93c618a49b (1.6.3)
CVE-2023-5036 (Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos ...)
NOT-FOR-US: Memos
CVE-2023-5034 (A vulnerability classified as problematic was found in SourceCodester ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0b27626975f19a9eb449fb7062997af14bed0d9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0b27626975f19a9eb449fb7062997af14bed0d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230918/05c7ba53/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list