Описание
Security update for doxygen
This update for doxygen fixes the following issues:
- CVE-2016-10245: XSS was possible via insufficient sanitization of the query parameter in templates/html/search_opensearch.php (bsc#1136364)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Desktop 12 SP4
doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Software Development Kit 12 SP3
doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Software Development Kit 12 SP4
doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Workstation Extension 12 SP3
doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Workstation Extension 12 SP4
doxygen-1.8.6-3.3.1
Ссылки
- Link for SUSE-SU-2019:1570-1
- E-Mail link for SUSE-SU-2019:1570-1
- SUSE Security Ratings
- SUSE Bug 1136364
- SUSE CVE CVE-2016-10245 page
Описание
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Desktop 12 SP4:doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Software Development Kit 12 SP3:doxygen-1.8.6-3.3.1
SUSE Linux Enterprise Software Development Kit 12 SP4:doxygen-1.8.6-3.3.1
Ссылки
- CVE-2016-10245
- SUSE Bug 1136364