No edit summary Tag: 2017 source edit |
No edit summary |
||
| Line 53: | Line 53: | ||
|[https://www.cve.org/CVERecord?id=CVE-2022-3895 CVE-2022-3895] | |[https://www.cve.org/CVERecord?id=CVE-2022-3895 CVE-2022-3895] | ||
|Arbitrary HTML injection through use of interface elements | |Arbitrary HTML injection through use of interface elements | ||
|- | |||
|[[Security:Security Advisories/BSSA-2022-01|BSSA-2022-01]] | |||
|2023-07-25 | |||
|Ghostscript vulnerability | |||
|[https://www.cve.org/CVERecord?id=CVE-2023-36664 CVE-2023-36664] | |||
|Code can be executed on the server via a manipulated PDF | |||
|} | |} | ||
Revision as of 11:16, 27 July 2023
| Release name | Release date | Title | References | Summary |
|---|---|---|---|---|
| BSSA-2022-01 | 2022-01-31 | XSS attack vector in Search Center | CVE-2022-2510 | JavaScript in search field is reflected back to the browser. |
| BSSA-2022-02 | 2022-11-15 | XSS attack vector on regular pages | CVE-2022-2511 | Arbitrary HTML injection through the 'title' parameter |
| BSSA-2022-03 | 2022-11-15 | XSS attack vector on regular pages | CVE-2022-41611 | Arbitrary HTML injection through main navigation |
| BSSA-2022-04 | 2022-11-15 | XSS attack vector on regular pages | CVE-2022-41789, CVE-2022-41814, CVE-2022-42000 | Arbitrary HTML injection through user preferences |
| BSSA-2022-05 | 2022-11-15 | XSS attack vector on regular pages | CVE-2022-42001 | Arbitrary HTML injection through the book navigation |
| BSSA-2022-06 | 2022-11-15 | XSS attack vector on regular pages | CVE-2022-3893 | Arbitrary HTML injection through the custom menu |
| BSSA-2022-07 | 2022-11-15 | XSS attack vector on regular pages | CVE-2022-3958 | Arbitrary HTML injection through personal menu items |
| BSSA-2022-08 | 2022-11-15 | XSS attack vector on regular pages | CVE-2022-3895 | Arbitrary HTML injection through use of interface elements |
| BSSA-2022-01 | 2023-07-25 | Ghostscript vulnerability | CVE-2023-36664 | Code can be executed on the server via a manipulated PDF |
