Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4040d8b7 by Salvatore Bonaccorso at 2022-04-08T22:38:24+02:00
Process three more orangehrm CVEs with itp'ed bug
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4780,11 +4780,11 @@ CVE-2022-27111
CVE-2022-27110 (OrangeHRM 4.10 is vulnerable to a Host header injection
redirect via v ...)
- orangehrm <itp> (bug #786622)
CVE-2022-27109 (OrangeHRM 4.10 suffers from a Referer header injection
redirect vulner ...)
- TODO: check
+ - orangehrm <itp> (bug #786622)
CVE-2022-27108 (OrangeHRM 4.10 is vulnerable to Insecure Direct Object
Reference (IDOR ...)
- TODO: check
+ - orangehrm <itp> (bug #786622)
CVE-2022-27107 (OrangeHRM 4.10 is vulnerable to Stored XSS in the "Share
Video" sectio ...)
- TODO: check
+ - orangehrm <itp> (bug #786622)
CVE-2022-27106
RESERVED
CVE-2022-27105
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4040d8b7478f2f959accf867266d36fe32c02080
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4040d8b7478f2f959accf867266d36fe32c02080
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
