- Synchronized data.

2025-05-08 11:37:04 +00:00 · 2017-10-17 16:03:39 -04:00 · 2017-10-17 16:03:39 -04:00 · 1714509ab2
commit 1714509ab2
parent dc894e05bb
2 changed files with 73 additions and 1 deletions
--- a/2017/15xxx/CVE-2017-15538.json
+++ b/2017/15xxx/CVE-2017-15538.json
@ -0,0 +1,72 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2017-15538",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "http://openwall.com/lists/oss-security/2017/10/17/3"
+         },
+         {
+            "url" : "https://github.com/ILIAS-eLearning/ILIAS/commit/b2a4660afec1e87d41c83c8e381f549bc6dfc70f"
+         },
+         {
+            "url" : "https://lists.ilias.de/pipermail/ilias-admins/2017-October/000053.html"
+         },
+         {
+            "url" : "https://www.ilias.de/docu/goto_docu_pg_75377_35.html"
+         },
+         {
+            "url" : "https://www.ilias.de/docu/goto_docu_pg_75378_1719.html"
+         }
+      ]
+   }
+}
--- a/2017/3xxx/CVE-2017-3759.json
+++ b/2017/3xxx/CVE-2017-3759.json
@ -35,7 +35,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution"
+            "value" : "The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution."
         }
      ]
   },