"-Synchronized-Data."

2020/15xxx/CVE-2020-15215.json

@@ -44,7 +44,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected.\n\nThis is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
+                "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
             }
         ]
     },

2020/25xxx/CVE-2020-25248.json

@@ -56,6 +56,11 @@
                 "url": "https://seclists.org/fulldisclosure/2020/Sep/21",
                 "refsource": "MISC",
                 "name": "https://seclists.org/fulldisclosure/2020/Sep/21"
+            },
+            {
+                "refsource": "FULLDISC",
+                "name": "20201006 Re: Navy Federal Reflective Cross Site Scripting (XSS)",
+                "url": "http://seclists.org/fulldisclosure/2020/Oct/9"
             }
         ]
     }