admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-03-16 17:01:11 +00:00
parent 64fb59f3cf
commit 5166b0f3a4
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2017/8xxx/CVE-2017-8073.json
View File

@ -76,6 +76,16 @@
"name": "DSA-3836",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3836"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-4d232b48b8",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ASRTCQFFDAAK347URWNDH6NSED2BGNY/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-db890b4800",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ER23GT23US5JXDLUZAMGMWXKZ74MI4S2/"
}
]
}

10
2020/8xxx/CVE-2020-8955.json
View File

@ -66,6 +66,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0248",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00032.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-4d232b48b8",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ASRTCQFFDAAK347URWNDH6NSED2BGNY/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-db890b4800",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ER23GT23US5JXDLUZAMGMWXKZ74MI4S2/"
}
]
}

7
2020/9xxx/CVE-2020-9447.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted filename."
"value": "There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a website, and perform other malicious activities like phishing or drive-by hacking."
}
]
},
@ -56,6 +56,11 @@
"url": "https://github.com/manolo/gwtupload/issues/32",
"refsource": "MISC",
"name": "https://github.com/manolo/gwtupload/issues/32"
},
{
"refsource": "MISC",
"name": "https://www.coresecurity.com/advisories/gwtupload-xss-file-upload-functionality",
"url": "https://www.coresecurity.com/advisories/gwtupload-xss-file-upload-functionality"
}
]
}