[Git][security-tracker-team/security-tracker][master] cve-2025-2336/angular.js
Bastien Roucariès (@rouca)
rouca at debian.org
Sat Jun 7 20:59:57 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8d187a28 by Bastien Roucariès at 2025-06-07T21:59:22+02:00
cve-2025-2336/angular.js
Add bug and PoC note
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1046,6 +1046,8 @@ CVE-2025-30415 (Denial of service due to improper handling of malformed input. T
NOT-FOR-US: Acronis
CVE-2025-2336 (Improper sanitization of the value of the 'href' and 'xlink:href' attr ...)
- angular.js <unfixed>
+ NOTE: https://www.herodevs.com/vulnerability-directory/cve-2025-2336
+ NOTE: PoC: https://codepen.io/herodevs/pen/bNGYaXx/412a3a4218387479898912f60c269c6c
CVE-2025-29094 (Cross Site Scripting vulnerability in Motivian Content Mangment System ...)
NOT-FOR-US: Motivian Content Mangment System
CVE-2025-29093 (File Upload vulnerability in Motivian Content Mangment System v.41.0.0 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d187a28e27c2c18e5267edb53dfad9b5819505c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d187a28e27c2c18e5267edb53dfad9b5819505c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250607/1805c1f2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list