FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
8d85d600-84a9-11ea-97b9-08002728f74c	Wagtail -- XSS vulnerability Wagtail release notes: CVE-2020-11001: Possible XSS attack via page revision comparison view This release addresses a cross-site scripting (XSS) vulnerability on the page revision comparison view within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft a page revision history that, when viewed by a user with higher privileges, could perform actions with that user credentials. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin. Discovery 2020-04-03 Entry 2020-04-22 py35-wagtail py36-wagtail py37-wagtail py38-wagtail < 2.7.2 https://docs.wagtail.io/en/latest/releases/2.7.2.html https://github.com/advisories/GHSA-v2wc-pfq2-5cm6 CVE-2020-11001

VuXML ID

Description

8d85d600-84a9-11ea-97b9-08002728f74c

Wagtail -- XSS vulnerability

Wagtail release notes:

CVE-2020-11001: Possible XSS attack via page revision comparison view

This release addresses a cross-site scripting (XSS) vulnerability on the page revision comparison view within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft a page revision history that, when viewed by a user with higher privileges, could perform actions with that user credentials. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin.

Discovery 2020-04-03
Entry 2020-04-22
py35-wagtail
py36-wagtail
py37-wagtail
py38-wagtail

< 2.7.2

https://docs.wagtail.io/en/latest/releases/2.7.2.html
https://github.com/advisories/GHSA-v2wc-pfq2-5cm6
CVE-2020-11001