Commit d227a2fe authored by Mateusz Piotrowski's avatar Mateusz Piotrowski
Browse files

Document accountsservice vulnerability

parent b581cb75
......@@ -76,6 +76,41 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
<vuxml xmlns="">
<vuln vid="75aae50b-9e3c-11eb-9bc3-8c164582fbac">
<topic>AccountService -- Insufficient path check in user_change_icon_file_authorized_cb()</topic>
<body xmlns="">
<p>NVD reports:</p>
<blockquote cite="">
Directory Traversal with ../ sequences occurs in AccountsService
before 0.6.50 because of an insufficient path check in
user_change_icon_file_authorized_cb() in user.c.
<vuln vid="40b481a9-9df7-11eb-9bc3-8c164582fbac">
<topic>mdbook -- XSS in mdBook's search page</topic>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment