Security:Security Advisories: Difference between revisions

Latest revision as of 16:09, 27 July 2023

Release name	Release date	Title	References	Summary
BSSA-2023-01	2023-07-25	Ghostscript vulnerability	CVE-2023-36664	Code can be executed on the server via a manipulated PDF
BSSA-2022-08	2022-11-15	XSS attack vector on regular pages	CVE-2022-3895	Arbitrary HTML injection through use of interface elements
BSSA-2022-07	2022-11-15	XSS attack vector on regular pages	CVE-2022-3958	Arbitrary HTML injection through personal menu items
BSSA-2022-06	2022-11-15	XSS attack vector on regular pages	CVE-2022-3893	Arbitrary HTML injection through the custom menu
BSSA-2022-05	2022-11-15	XSS attack vector on regular pages	CVE-2022-42001	Arbitrary HTML injection through the book navigation
BSSA-2022-04	2022-11-15	XSS attack vector on regular pages	CVE-2022-41789, CVE-2022-41814, CVE-2022-42000	Arbitrary HTML injection through user preferences
BSSA-2022-03	2022-11-15	XSS attack vector on regular pages	CVE-2022-41611	Arbitrary HTML injection through main navigation
BSSA-2022-02	2022-11-15	XSS attack vector on regular pages	CVE-2022-2511	Arbitrary HTML injection through the 'title' parameter
BSSA-2022-01	2022-01-31	XSS attack vector in Search Center	CVE-2022-2510	JavaScript in search field is reflected back to the browser.

@@ Line 1: / Line 1: @@
-{| class="wikitable" style="width:100%;"
+{| class="wikitable sortable" style="width:100%;"
 !Release name
 !Release date
@@ Line 6: / Line 6: @@
 !Summary
 |-
-|
+|[[Security:Security Advisories/BSSA-2023-01|BSSA-2023-01]]
-|
+|2023-07-25
-|
+|Ghostscript vulnerability
-|
+|[https://www.cve.org/CVERecord?id=CVE-2023-36664 CVE-2023-36664]
-|
+|Code can be executed on the server via a manipulated PDF
 |-
-|
+|[[Security:Security Advisories/BSSA-2022-08|BSSA-2022-08]]
-|
+|2022-11-15
-|
+|XSS attack vector on regular pages
-|
+|[https://www.cve.org/CVERecord?id=CVE-2022-3895 CVE-2022-3895]
-|
+|Arbitrary HTML injection through use of interface elements
 |-
-|
+|[[Security:Security Advisories/BSSA-2022-07|BSSA-2022-07]]
-|
+|2022-11-15
-|
+|XSS attack vector on regular pages
-|
+|[https://www.cve.org/CVERecord?id=CVE-2022-3958 CVE-2022-3958]
-|
+|Arbitrary HTML injection through personal menu items
 |-
-|
+|[[Security:Security Advisories/BSSA-2022-06|BSSA-2022-06]]
-|
+|2022-11-15
-|
+|XSS attack vector on regular pages
-|
+|[https://www.cve.org/CVERecord?id=CVE-2022-3893 CVE-2022-3893]
-|
+|Arbitrary HTML injection through the custom menu
 |-
-|
+|[[Security:Security Advisories/BSSA-2022-05|BSSA-2022-05]]
-|
+|2022-11-15
-|
+|XSS attack vector on regular pages
-|
+|[https://www.cve.org/CVERecord?id=CVE-2022-42001 CVE-2022-42001]
-|
+|Arbitrary HTML injection through the book navigation
+|-
+|[[Security:Security Advisories/BSSA-2022-04|BSSA-2022-04]]
+|2022-11-15
+|XSS attack vector on regular pages
+|[https://www.cve.org/CVERecord?id=CVE-2022-41789 CVE-2022-41789], [https://www.cve.org/CVERecord?id=CVE-2022-41814 CVE-2022-41814], [https://www.cve.org/CVERecord?id=CVE-2022-42000 CVE-2022-42000]
+|Arbitrary HTML injection through user preferences
+|-
+|[[Security:Security Advisories/BSSA-2022-03|BSSA-2022-03]]
+|2022-11-15
+|XSS attack vector on regular pages
+|[https://www.cve.org/CVERecord?id=CVE-2022-41611 CVE-2022-41611]
+|Arbitrary HTML injection through main navigation
+|-
+|[[Security:Security Advisories/BSSA-2022-02|BSSA-2022-02]]
+|2022-11-15
+|XSS attack vector on regular pages
+|[https://www.cve.org/CVERecord?id=CVE-2022-2511 CVE-2022-2511]
+|Arbitrary HTML injection through the 'title' parameter
+|-
+|[[Security:Security Advisories/BSSA-2022-01|BSSA-2022-01]]
+|2022-01-31
+|XSS attack vector in Search Center
+|[https://www.cve.org/CVERecord?id=CVE-2022-2510 CVE-2022-2510]
+|JavaScript in search field is reflected back to the browser.
 |}