"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2021-03-05 12:00:44 +00:00 · 2021-03-05 12:00:44 +00:00 · cb4b65e0a4
commit cb4b65e0a4
parent ca1b20adf4
2 changed files with 10 additions and 4 deletions
--- a/2021/25xxx/CVE-2021-25122.json
+++ b/2021/25xxx/CVE-2021-25122.json
@ -108,6 +108,11 @@
                "refsource": "MLIST",
                "name": "[tomcat-users] 20210305 RE: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
                "url": "https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[tomcat-users] 20210305 Re: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
+                "url": "https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E"
            }
        ]
    },
--- a/2021/27xxx/CVE-2021-27907.json
+++ b/2021/27xxx/CVE-2021-27907.json
@ -43,7 +43,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Apache Superset up to and including 0.38.0 allowed the creation of a Markdown component on a Dashboard page for describing chart's related information. Abusing this functionality, a malicious user could inject javascript code executing unwanted action in the context of the user's browser. The javascript code will be automatically executed (Stored XSS) when a legitimate user surfs on the dashboard page. The vulnerability is exploitable creating a “div” section and embedding in it a “svg” element with javascript code."
+                "value": "Apache Superset up to and including 0.38.0 allowed the creation of a Markdown component on a Dashboard page for describing chart's related information. Abusing this functionality, a malicious user could inject javascript code executing unwanted action in the context of the user's browser. The javascript code will be automatically executed (Stored XSS) when a legitimate user surfs on the dashboard page. The vulnerability is exploitable creating a \u201cdiv\u201d section and embedding in it a \u201csvg\u201d element with javascript code."
            }
        ]
    },
@ -66,12 +66,13 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://lists.apache.org/thread.html/r09293fb09f1d617f0d2180c42210e739e2211f8da9bc5c1873bea67a%40%3Cdev.superset.apache.org%3E"
+                "refsource": "MISC",
+                "url": "https://lists.apache.org/thread.html/r09293fb09f1d617f0d2180c42210e739e2211f8da9bc5c1873bea67a%40%3Cdev.superset.apache.org%3E",
+                "name": "https://lists.apache.org/thread.html/r09293fb09f1d617f0d2180c42210e739e2211f8da9bc5c1873bea67a%40%3Cdev.superset.apache.org%3E"
            }
        ]
    },
    "source": {
        "discovery": "UNKNOWN"
    }
-}
+}