[Git][security-tracker-team/security-tracker][master] Add CVE-2025-45406/codeigniter, itp'ed
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 25 22:04:31 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9a4a0990 by Salvatore Bonaccorso at 2025-07-25T23:02:58+02:00
Add CVE-2025-45406/codeigniter, itp'ed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -83,7 +83,7 @@ CVE-2025-45467 (Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissi
CVE-2025-45466 (Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control ...)
NOT-FOR-US: Unitree Go1
CVE-2025-45406 (A stored cross-site scripting (XSS) vulnerability in CodeIgniter4 v4.6 ...)
- TODO: check
+ - codeigniter <itp> (bug #471583)
CVE-2025-44608 (CloudClassroom-PHP Project v1.0 was discovered to contain a SQL inject ...)
NOT-FOR-US: CloudClassroom-PHP Project
CVE-2025-43712 (JHipster before v.8.9.0 allows privilege escalation via a modified aut ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a4a099087333483dad66a049ae3bd224fd4674b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a4a099087333483dad66a049ae3bd224fd4674b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250725/b70abba5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list