website: link CVE and attribute reporter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
0423023d2e
commit
7046944bf6
|
@ -3804,7 +3804,7 @@ Changed response : **200 OK**
|
|||
|
||||
## Fixed in 2022.10.2
|
||||
|
||||
- \*: fix CVE-2022-46145
|
||||
- \*: fix [CVE-2022-46145](../security/CVE-2022-46145), Reported by [@sdimovv](https://github.com/sdimovv)
|
||||
|
||||
## Fixed in 2022.10.3
|
||||
|
||||
|
@ -3812,8 +3812,8 @@ Changed response : **200 OK**
|
|||
|
||||
## Fixed in 2022.10.4
|
||||
|
||||
- \*: fix CVE-2022-46172
|
||||
- \*: fix CVE-2022-23555
|
||||
- \*: fix [CVE-2022-46172](../security/CVE-2022-46172), Reported by [@DreamingRaven](https://github.com/DreamingRaven)
|
||||
- \*: fix [CVE-2022-23555](../security/CVE-2022-23555), Reported by [@fuomag9](https://github.com/fuomag9)
|
||||
|
||||
## Upgrading
|
||||
|
||||
|
|
|
@ -73,7 +73,7 @@ image:
|
|||
|
||||
## Fixed in 2022.11.2
|
||||
|
||||
- \*: fix CVE-2022-46145
|
||||
- \*: fix [CVE-2022-46145](../security/CVE-2022-46145), Reported by [@sdimovv](https://github.com/sdimovv)
|
||||
|
||||
## Fixed in 2022.11.3
|
||||
|
||||
|
@ -81,8 +81,8 @@ image:
|
|||
|
||||
## Fixed in 2022.11.4
|
||||
|
||||
- \*: fix CVE-2022-46172
|
||||
- \*: fix CVE-2022-23555
|
||||
- \*: fix [CVE-2022-46172](../security/CVE-2022-46172), Reported by [@DreamingRaven](https://github.com/DreamingRaven)
|
||||
- \*: fix [CVE-2022-23555](../security/CVE-2022-23555), Reported by [@fuomag9](https://github.com/fuomag9)
|
||||
|
||||
## API Changes
|
||||
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
# CVE-2022-23555
|
||||
|
||||
_Reported by [@fuomag9](https://github.com/fuomag9)_
|
||||
|
||||
## Token reuse in invitation URLs leads to access control bypass via the use of a different enrollment flow
|
||||
|
||||
### Summary
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
# CVE-2022-46145
|
||||
|
||||
_Reported by [@sdimovv](https://github.com/sdimovv)_
|
||||
|
||||
## Unauthorized user creation and potential account takeover
|
||||
|
||||
### Impact
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
# CVE-2022-46172
|
||||
|
||||
_Reported by [@DreamingRaven](https://github.com/DreamingRaven)_
|
||||
|
||||
## Existing Authenticated Users can Create Arbitrary Accounts
|
||||
|
||||
### Summary
|
||||
|
|
Reference in New Issue