No edit summary |
No edit summary Tag: 2017 source edit |
||
| Line 9: | Line 9: | ||
|2022-01-31 | |2022-01-31 | ||
|XSS attack vector in Search Center | |XSS attack vector in Search Center | ||
|CVE | |[https://www.cve.org/CVERecord?id=CVE-2022-2510 CVE-2022-2510] | ||
|JavaScript in search field is reflected back to the browser. | |JavaScript in search field is reflected back to the browser. | ||
|- | |- | ||
| Line 15: | Line 15: | ||
|2022-04-25 | |2022-04-25 | ||
|XSS attack vector on regular pages | |XSS attack vector on regular pages | ||
|CVE | |[https://www.cve.org/CVERecord?id=CVE-2022-2511 CVE-2022-2511] | ||
|Arbitrary HTML injection through the 'title' parameter | |Arbitrary HTML injection through the 'title' parameter | ||
|} | |} | ||
Revision as of 21:56, 22 July 2022
| Release name | Release date | Title | References | Summary |
|---|---|---|---|---|
| BSSA-2022-01 | 2022-01-31 | XSS attack vector in Search Center | CVE-2022-2510 | JavaScript in search field is reflected back to the browser. |
| BSSA-2022-02 | 2022-04-25 | XSS attack vector on regular pages | CVE-2022-2511 | Arbitrary HTML injection through the 'title' parameter |
Discussions