[Git][security-tracker-team/security-tracker][master] Add CVE-2024-4023/flatpress
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 20 21:33:44 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
224e2a9e by Salvatore Bonaccorso at 2025-03-20T22:33:21+01:00
Add CVE-2024-4023/flatpress
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -428,7 +428,7 @@ CVE-2024-57440 (D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer O
CVE-2024-4990 (In yiisoft/yii2 version 2.0.48, the base Component class contains a vu ...)
- yii <itp> (bug #597899)
CVE-2024-4023 (A stored cross-site scripting (XSS) vulnerability exists in flatpressb ...)
- TODO: check
+ - flatpress <itp> (bug #466297)
CVE-2024-48591 (Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS) ...)
NOT-FOR-US: Inflectra SpiraTeam
CVE-2024-48590 (Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forger ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/224e2a9eca61671a9f0df6312d56f904a84fd3c1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/224e2a9eca61671a9f0df6312d56f904a84fd3c1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250320/fd0f602f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list