FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8d85d600-84a9-11ea-97b9-08002728f74cWagtail -- XSS vulnerability

Wagtail release notes:

CVE-2020-11001: Possible XSS attack via page revision comparison view

This release addresses a cross-site scripting (XSS) vulnerability on the page revision comparison view within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft a page revision history that, when viewed by a user with higher privileges, could perform actions with that user credentials. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin.


Discovery 2020-04-03
Entry 2020-04-22
py35-wagtail
py36-wagtail
py37-wagtail
py38-wagtail
lt 2.7.2

https://docs.wagtail.io/en/latest/releases/2.7.2.html
https://github.com/advisories/GHSA-v2wc-pfq2-5cm6
CVE-2020-11001