Описание
Security update for php5-smarty3
This update for php5-smarty3 fixes the following issues:
- CVE-2018-16381: Prevent traversal vulnerability due to insufficient template code sanitization that allowed attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files (bsc#1108741).
Список пакетов
openSUSE Leap 42.3
php5-smarty3-3.1.33-5.5.1
php5-smarty3-doc-3.1.33-5.5.1
Ссылки
- E-Mail link for openSUSE-SU-2018:2859-1
- SUSE Security Ratings
Описание
e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter.
Затронутые продукты
openSUSE Leap 42.3:php5-smarty3-3.1.33-5.5.1
openSUSE Leap 42.3:php5-smarty3-doc-3.1.33-5.5.1
Ссылки
- CVE-2018-16381