From e7d70f7c8f71bac342cf259bd667bcf9b8473f35 Mon Sep 17 00:00:00 2001 From: Vikas Gupta Date: Sat, 9 Dec 2023 20:24:47 +0530 Subject: [PATCH] Update CVE-2023-3479.yaml Upon reporting this CVE, I would like to express that the vulnerability has been successfully addressed in version 1.7.8. Upon reevaluation, I can confirm that the issue has been resolved. https://huntr.com/bounties/6ac5cf87-6350-4645-8930-8f2876427723/ --- http/cves/2023/CVE-2023-3479.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/http/cves/2023/CVE-2023-3479.yaml b/http/cves/2023/CVE-2023-3479.yaml index 083cb8813c..d7b09e610b 100644 --- a/http/cves/2023/CVE-2023-3479.yaml +++ b/http/cves/2023/CVE-2023-3479.yaml @@ -1,13 +1,13 @@ id: CVE-2023-3479 info: - name: Hestiacp <= 1.7.8 - Cross-Site Scripting + name: Hestiacp <= 1.7.7 - Cross-Site Scripting author: edoardottt severity: medium description: | Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8. remediation: | - Upgrade to the latest version of Hestiacp (1.7.9 or higher) to mitigate this vulnerability. + Upgrade to the latest version of Hestiacp (1.7.8 or higher) to mitigate this vulnerability. reference: - https://huntr.dev/bounties/6ac5cf87-6350-4645-8930-8f2876427723/ - https://nvd.nist.gov/vuln/detail/CVE-2023-3479 @@ -51,4 +51,4 @@ http: status: - 200 -# digest: 4b0a004830460221009b609af9860027f7f4d4286d4361560609b779ad2173ca1f2ddafc652840e2640221009ac0ad51b7e3d20199e17d615bab76b3d4366edba4c53cefdeafaac65bfabfea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009b609af9860027f7f4d4286d4361560609b779ad2173ca1f2ddafc652840e2640221009ac0ad51b7e3d20199e17d615bab76b3d4366edba4c53cefdeafaac65bfabfea:922c64590222798bb761d5b6d8e72950