Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9da89620 by Salvatore Bonaccorso at 2022-03-11T08:52:37+01:00
CVE-2022-26874/php-horde-mime-viewer assigned
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2801,7 +2801,7 @@ CVE-2022-0732 (The backend infrastructure shared by
multiple mobile device monit
NOT-FOR-US: Various vendors for Mobile device monitoring services
CVE-2022-0731 (Improper Access Control (IDOR) in GitHub repository
dolibarr/dolibarr ...)
- dolibarr <removed>
-CVE-2022-XXXX [Account Takeover via Email of OpenOffice file containing XSS
exploit]
+CVE-2022-26874 [Account Takeover via Email of OpenOffice file containing XSS
exploit]
- php-horde-mime-viewer 2.2.4+debian0-1
NOTE:
https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/
NOTE: Introduced by:
https://github.com/horde/Mime_Viewer/commit/325a7ae2663dd9c50e85fe515033454669f16f28
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9da8962066ad0832c408bbdcf88a40b1f7ee1ad2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9da8962066ad0832c408bbdcf88a40b1f7ee1ad2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
