[Git][security-tracker-team/security-tracker][master] Add three new CVEs from limesurvey, itp'ed

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
088df639 by Salvatore Bonaccorso at 2025-11-20T21:39:47+01:00
Add three new CVEs from limesurvey, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -87,11 +87,11 @@ CVE-2025-48987 (Improper Neutralization of Input in Revive Adserver 5.5.2 and 6.
 CVE-2025-48986 (Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier ve ...)
 	NOT-FOR-US: Revive Adserver
 CVE-2025-41076 (In version 6.13.0 of LimeSurvey, any external user can cause a 500 err ...)
-	TODO: check
+	- limesurvey <itp> (bug #472802)
 CVE-2025-41075 (Vulnerability in LimeSurvey 6.13.0 in the endpoint /optinthat causes i ...)
-	TODO: check
+	- limesurvey <itp> (bug #472802)
 CVE-2025-41074 (Vulnerability in LimeSurvey 6.13.0  in the endpoint /optout that cause ...)
-	TODO: check
+	- limesurvey <itp> (bug #472802)
 CVE-2025-40605 (A Path Traversal vulnerability has been identified in the Email Securi ...)
 	NOT-FOR-US: SonicWall
 CVE-2025-40604 (Download of Code Without Integrity Check Vulnerability in the SonicWal ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/088df63919dbb230a2b62f2b60d5397f559f49dc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/088df63919dbb230a2b62f2b60d5397f559f49dc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251120/6231f528/attachment.htm>