From 513c06a58cf0c5c7b29809edb83784afcc090ece Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 20 Feb 2024 04:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/6xxx/CVE-2023-6693.json | 5 +++ 2024/1xxx/CVE-2024-1559.json | 75 ++++++++++++++++++++++++++++++++-- 2024/24xxx/CVE-2024-24258.json | 5 +++ 2024/24xxx/CVE-2024-24259.json | 5 +++ 2024/24xxx/CVE-2024-24575.json | 5 +++ 2024/24xxx/CVE-2024-24577.json | 5 +++ 6 files changed, 96 insertions(+), 4 deletions(-) diff --git a/2023/6xxx/CVE-2023-6693.json b/2023/6xxx/CVE-2023-6693.json index 36769e9924e..eecc183bfa8 100644 --- a/2023/6xxx/CVE-2023-6693.json +++ b/2023/6xxx/CVE-2023-6693.json @@ -168,6 +168,11 @@ "url": "https://security.netapp.com/advisory/ntap-20240208-0004/", "refsource": "MISC", "name": "https://security.netapp.com/advisory/ntap-20240208-0004/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/" } ] }, diff --git a/2024/1xxx/CVE-2024-1559.json b/2024/1xxx/CVE-2024-1559.json index 37ca165080f..b79422965dc 100644 --- a/2024/1xxx/CVE-2024-1559.json +++ b/2024/1xxx/CVE-2024-1559.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1559", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'll_reciprocal' parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "jackdewey", + "product": { + "product_data": [ + { + "product_name": "Link Library", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "7.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/407a5c69-cce0-4868-aef0-ffc88981e256?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/407a5c69-cce0-4868-aef0-ffc88981e256?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037265%40link-library&new=3037265%40link-library&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037265%40link-library&new=3037265%40link-library&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Krzysztof Zaj\u0105c" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/24xxx/CVE-2024-24258.json b/2024/24xxx/CVE-2024-24258.json index 238a1d8ba26..bd802362567 100644 --- a/2024/24xxx/CVE-2024-24258.json +++ b/2024/24xxx/CVE-2024-24258.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/freeglut/freeglut/pull/155", "url": "https://github.com/freeglut/freeglut/pull/155" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-b69a4d75a1", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/" } ] } diff --git a/2024/24xxx/CVE-2024-24259.json b/2024/24xxx/CVE-2024-24259.json index 7ebb50478d2..71ac61ea2f6 100644 --- a/2024/24xxx/CVE-2024-24259.json +++ b/2024/24xxx/CVE-2024-24259.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/freeglut/freeglut/pull/155", "url": "https://github.com/freeglut/freeglut/pull/155" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-b69a4d75a1", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/" } ] } diff --git a/2024/24xxx/CVE-2024-24575.json b/2024/24xxx/CVE-2024-24575.json index 7dd593f5b33..97865b49d69 100644 --- a/2024/24xxx/CVE-2024-24575.json +++ b/2024/24xxx/CVE-2024-24575.json @@ -92,6 +92,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/" } ] }, diff --git a/2024/24xxx/CVE-2024-24577.json b/2024/24xxx/CVE-2024-24577.json index ea4f137d7c0..ffd24665ac6 100644 --- a/2024/24xxx/CVE-2024-24577.json +++ b/2024/24xxx/CVE-2024-24577.json @@ -87,6 +87,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/" } ] },