Bug#1036279: XSS in RSS syntax

2023-06-04 Thread Salvatore Bonaccorso
Control: retitle -1 dokuwiki: CVE-2023-34408: XSS in RSS syntax

Hi,

On Thu, May 18, 2023 at 03:19:05PM +0200, Moritz Muehlenhoff wrote:
> Source: dokuwiki
> Version: 0.0.20220731.a-1
> Severity: grave
> Tags: security
> X-Debbugs-Cc: Debian Security Team
>
> No CVE yet:
>

Bug#1036279: XSS in RSS syntax

2023-05-18 Thread Axel Beckert
Hi Moritz,

Moritz Muehlenhoff wrote:
> Severity: grave

Thanks for the severity assessment by the security team. I wasn't really sure if this is RC or "just important".

I've had a look at the new upstream tar balls, but the diff is unfortunately huge:

$ tardiff dokuwiki-2022-07-31{a,b}.tgz -

Bug#1036279: XSS in RSS syntax

2023-05-18 Thread Moritz Muehlenhoff
Source: dokuwiki
Version: 0.0.20220731.a-1
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team

No CVE yet:
https://huntr.dev/bounties/c6119106-1a5c-464c-94dd-ee7c5d0bece0/
https://github.com/dokuwiki/dokuwiki/pull/3967