[Git][security-tracker-team/security-tracker][master] Add new znuny issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Apr 21 20:29:27 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bea1019e by Salvatore Bonaccorso at 2024-04-21T21:28:54+02:00
Add new znuny issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2024-32493 [SQL injection issue regarding Form IDs when cleaning up drafts]
+ - znuny 6.5.8-1
+ NOTE: https://www.znuny.org/en/advisories/zsa-2024-03
+CVE-2024-32492 [Cross Site Scripting (XSS) in the Customer Portal Ticket View]
+ - znuny <not-affected> (Only affects Znuny from 7.0.1 up to including 7.0.16)
+ NOTE: https://www.znuny.org/en/advisories/zsa-2024-02
+CVE-2024-32491 [Directory Traversal via File Upload]
+ - znuny 6.5.8-1
+ NOTE: https://www.znuny.org/en/advisories/zsa-2024-01
CVE-2024-4020 (A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified ...)
NOT-FOR-US: Tenda
CVE-2024-4019 (A vulnerability classified as critical has been found in Byzoro Smart ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bea1019eaf40fb6e2cc25b13261eb122ab29357e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bea1019eaf40fb6e2cc25b13261eb122ab29357e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240421/419a00ee/attachment.htm>
More information about the debian-security-tracker-commits
mailing list