Overview
Request 1145378 accepted
Add bug/CVE references
- Included in 6.19: Fix a vulnerability that allows a user of the
product to change another user's settings or alter the database
(bsc#1207464, CVE-2023-0241).
- Included in 6.14: Fix a vulnerability that allows a remote
unauthenticated user to redirect a user to an arbitrary web site
by crafting a malicious URL (boo#1207238, CVE-2023-22298).
- Included in 6.7: Fix for unrestricted file upload (boo#1197143,
CVE-2022-0959).
- Included in 6.5: Fixed an issue when uploading a CSV throwing an
error in the Desktop mode
Request History
alarrosa created request
Add bug/CVE references
- Included in 6.19: Fix a vulnerability that allows a user of the
product to change another user's settings or alter the database
(bsc#1207464, CVE-2023-0241).
- Included in 6.14: Fix a vulnerability that allows a remote
unauthenticated user to redirect a user to an arbitrary web site
by crafting a malicious URL (boo#1207238, CVE-2023-22298).
- Included in 6.7: Fix for unrestricted file upload (boo#1197143,
CVE-2022-0959).
- Included in 6.5: Fixed an issue when uploading a CSV throwing an
error in the Desktop mode
alarrosa accepted request