admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-03-23 23:00:44 +00:00
parent dc2774324f
commit 69e594e6f5
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2021/21xxx/CVE-2021-21380.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform (and only those with the Ratings API installed), the Rating Script Service expose an API to perform SQL requests without escaping the from and where search arguments. \nThis might lead to an SQL script injection quite easily for any user having Script rights on XWiki. The problem has been patched in XWiki 12.9RC1. The only workaround besides upgrading XWiki would be to uninstall the Ratings API in XWiki from the Extension Manager."
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform (and only those with the Ratings API installed), the Rating Script Service expose an API to perform SQL requests without escaping the from and where search arguments. This might lead to an SQL script injection quite easily for any user having Script rights on XWiki. The problem has been patched in XWiki 12.9RC1. The only workaround besides upgrading XWiki would be to uninstall the Ratings API in XWiki from the Extension Manager."
}
]
},

5
2021/26xxx/CVE-2021-26117.json
View File

@ -104,6 +104,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210305 [SECURITY] [DLA 2583-1] activemq security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html"
},
{
"refsource": "MLIST",
"name": "[activemq-gitbox] 20210323 [GitHub] [activemq-artemis] trevorlinton opened a new pull request #3515: Update activmq5 version to fix CVE-2021-26117",
"url": "https://lists.apache.org/thread.html/r70389648227317bdadcdecbd9f238571a6047469d156bd72bb0ca2f7@%3Cgitbox.activemq.apache.org%3E"
}
]
},