Skip to content

Commit fe4c07b

Browse files
tvdeyenRubySec CI
tvdeyen
authored and
RubySec CI
committed
Updated advisory posts against rubysec/ruby-advisory-db@13ca6fb 
1 parent e81bd91 commit fe4c07b

File tree

1 file changed

+4
-1
lines changed

1 file changed

+4
-1
lines changed

advisories/_posts/2022-05-14-CVE-2018-18307.md

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,13 +18,16 @@ advisory:
1818
cvss_v3: 5.9
1919
unaffected_versions:
2020
- "< 4.1.0"
21-
notes: Never patched
21+
patched_versions:
22+
- ">= 7.4.10"
2223
related:
2324
url:
2425
- https://nvd.nist.gov/vuln/detail/CVE-2018-18307
2526
- http://packetstormsecurity.com/files/149787/Alchemy-CMS-4.1-Stable-Cross-Site-Scripting.html
2627
- https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/base_controller.rb#L15
2728
- https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/pictures_controller.rb#L5
2829
- https://github.com/AlchemyCMS/alchemy_cms/blob/4.1-stable/app/controllers/alchemy/admin/resources_controller.rb#L21
30+
- https://github.com/AlchemyCMS/alchemy_cms/pull/3375
31+
- https://github.com/AlchemyCMS/alchemy_cms/releases/tag/v7.4.10
2932
- https://github.com/advisories/GHSA-7mj4-2984-955f
3033
---

0 commit comments

Comments
 (0)