Control: tags -1 + confirmed On Sun, 2022-01-02 at 21:10 +0100, Robin Gustafsson wrote: > [ Reason ] > Security issues affecting the version in bullseye. > * Bug #1001333 (CVE-2021-43808) > * Bug #1002728 (CVE-2021-43617) > > [ Impact ] > * Users of web applications using certain templating features from > the framework may by vulnerable to XSS attacks. > * Users who host web applications relying on the framework's file > upload > validation features may be vulnerable to remote code execution > attacks. >
Please go ahead, thanks. Regards, Adam
