Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[GHSA-378w-3fqw-3555] Multiple cross-site scripting (XSS) vulnerabilities in... #4997

Conversation

mwinters0
Copy link

Updates

  • Affected products
  • Description
  • Source code location
  • Summary

Comments
Reported here FreshRSS/FreshRSS#2121
Mentioned in release notes for 1.13.0 https://github.com/FreshRSS/FreshRSS/releases/tag/1.13.0

@github-actions github-actions bot changed the base branch from main to mwinters0/advisory-improvement-4997 November 9, 2024 15:31
@shelbyc
Copy link
Contributor

shelbyc commented Nov 12, 2024

Hi @mwinters0, the GitHub Advisory Database can't review GHSA-378w-3fqw-3555 because FreshRSS isn't in one of our supported ecosystems. If you want the CVE record to be updated to include the fixed version 1.13.0, you may contact MITRE, the CVE Numbering Authority that issued the CVE, at https://cveform.mitre.org. There, you can select Request an update to an existing CVE Entry and provide MITRE with the same reference links you provided in this PR to support changing the CVE record.

Thank you for your interest in GHSA-378w-3fqw-3555 and have a good day!

@shelbyc shelbyc closed this Nov 12, 2024
@github-actions github-actions bot deleted the mwinters0-GHSA-378w-3fqw-3555 branch November 12, 2024 14:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants