diff options
author | woodsb02 <woodsb02@FreeBSD.org> | 2017-02-03 06:48:50 +0800 |
---|---|---|
committer | woodsb02 <woodsb02@FreeBSD.org> | 2017-02-03 06:48:50 +0800 |
commit | 3f96e6fe73c9ed46e465279a87cd9693919ac3e6 (patch) | |
tree | ff555c5a6a1c10ce053d16b164cdfe8a21604fb4 | |
parent | d2db4b0382c1a9414475179c61b2ebd91ab1ba92 (diff) | |
download | freebsd-ports-gnome-3f96e6fe73c9ed46e465279a87cd9693919ac3e6.tar.gz freebsd-ports-gnome-3f96e6fe73c9ed46e465279a87cd9693919ac3e6.tar.zst freebsd-ports-gnome-3f96e6fe73c9ed46e465279a87cd9693919ac3e6.zip |
Add additional vulnerability for wordpress 4.7.1 that was initially kept
quiet by the wordpress team [1].
[1] https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
Security: https://vuxml.FreeBSD.org/freebsd/54e50cd9-c1a8-11e6-ae1b-002590263bf5.html
-rw-r--r-- | security/vuxml/vuln.xml | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index a385c60c6e91..aac1bf5217f8 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -204,6 +204,8 @@ Notes: themes from accidentally causing a vulnerability.</li> <li>A cross-site scripting (XSS) vulnerability was discovered in the posts list table.</li> + <li>An unauthenticated privilege escalation vulnerability was + discovered in a REST API endpoint.</li> </ul> </blockquote> </body> @@ -214,6 +216,7 @@ Notes: <cvename>CVE-2017-5612</cvename> <url>http://www.openwall.com/lists/oss-security/2017/01/28/5</url> <url>https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/</url> + <url>https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/</url> </references> <dates> <discovery>2017-01-26</discovery> |