An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
References
Link | Resource |
---|---|
https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799 | Vendor Advisory |
https://git.tt-rss.org/fox/tt-rss/commit/da5af2fae091041cca27b24b6f0e69e4a6d0dc60 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-19T20:17:49
Updated: 2020-09-19T20:17:49
Reserved: 2020-09-19T00:00:00
Link: CVE-2020-25789
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-19T21:15:12.063
Modified: 2020-09-29T15:11:53.717
Link: CVE-2020-25789
JSON object: View
Redhat Information
No data.
CWE