diff options
author | Stefan Bethke <stb@lassitu.de> | 2024-02-24 21:53:33 +0000 |
---|---|---|
committer | Nuno Teixeira <eduardo@FreeBSD.org> | 2024-02-24 21:53:33 +0000 |
commit | f8bb4184bbea9d8fc472cf3ed28fa2d48f6d4911 (patch) | |
tree | aafb506d456285a03404473d9f3f9ede5fa7205b | |
parent | 0806b5e2f75eb6847a849332c96dd40f8f8f0461 (diff) | |
download | ports-f8bb4184bbea9d8fc472cf3ed28fa2d48f6d4911.tar.gz ports-f8bb4184bbea9d8fc472cf3ed28fa2d48f6d4911.zip |
security/vuxml: Document www/gitea vulnerabilities
PR: 277275
-rw-r--r-- | security/vuxml/vuln/2024.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml index 24a3e5950672..58b2218ecd4e 100644 --- a/security/vuxml/vuln/2024.xml +++ b/security/vuxml/vuln/2024.xml @@ -1,3 +1,30 @@ + <vuln vid="5ecfb588-d2f4-11ee-ad82-dbdfaa8acfc2"> + <topic>gitea -- Fix XSS vulnerabilities</topic> + <affects> + <package> + <name>gitea</name> + <range><lt>1.21.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description:</h1> + <ul> + <li>The Wiki page did not sanitize author name</li> + <li>the reviewer name on a "dismiss review" comment is also affected</li> + <li>the migration page has some spots</li> + </ul> + </body> + </description> + <references> + <url>https://blog.gitea.com/release-of-1.21.6/</url> + </references> + <dates> + <discovery>2024-02-23</discovery> + <entry>2024-02-24</entry> + </dates> + </vuln> + <vuln vid="2a470712-d351-11ee-86bb-a8a1599412c6"> <topic>chromium -- multiple security fixes</topic> <affects> |