Bugs fixes in "ledgersmb"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2021-3731 | LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick | 2021-09-29 |
| CVE | CVE-2021-3694 | LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this fla | 2021-09-29 |
| CVE | CVE-2021-3693 | LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, thi | 2021-09-29 |
| CVE | CVE-2021-3731 | LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick | 2021-09-29 |
| CVE | CVE-2021-3694 | LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this fla | 2021-09-29 |
| CVE | CVE-2021-3693 | LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, thi | 2021-09-29 |
About
-
Send Feedback to @ubuntu_updates
