github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Creative Commons Attribution 4.0 International

[GHSA-3jvv-r7g7-63qp] Cross-site scripting (XSS) vulnerability in SourceBans... #4466

Closed (epicosy closed 3 months ago)

epicosy commented 4 months ago

Updates

Comments

The following fix seems to address CVE-2015-8349: https://github.com/sbpp/sourcebans-pp/commit/d14aeb64bced19144ed7c5a953366d4715bf2e24

The version in the change log (1.4.10) is close to the one in the CPE: "Up to (including) 1.4.11".

JonathanLEvans commented 4 months ago

Hi @epicosy, thank you for your contribution; however, I am unable to find SourceBans in one of our supported ecosystems. Could you provide a link to where you found it in one of the package systems?

epicosy commented 4 months ago

Hi @JonathanLEvans, thanks for reaching back. Unfortunately, I can't.

I'm leaving more context for whoever needs to continue this.

Docker Image

SourceBans++ is a continuation of SourceBans.

The old repo with the same commit.