Update GHSA-cjfr-9f5r-3q93.json #5571
Conversation
There was a problem hiding this comment.
Pull Request Overview
Update the GHSA-cjfr-9f5r-3q93 advisory by adding two additional patch commit references.
- Add a WEB reference for commit
0eb171f…on another branch - Add a WEB reference for commit
db399b8…on another branch
| "summary": "This patch commit is on another branch." | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9", | ||
| "summary": "This patch commit is on another branch." |
There was a problem hiding this comment.
[nitpick] The summary is vague and doesn’t describe what the patch actually does. Consider expanding it to explain the purpose or the fix included in this commit.
| "summary": "This patch commit is on another branch." | |
| }, | |
| { | |
| "type": "WEB", | |
| "url": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9", | |
| "summary": "This patch commit is on another branch." | |
| "summary": "Fixes CSRF vulnerability by enforcing HTTP POST for state-changing actions in the Log Module." | |
| }, | |
| { | |
| "type": "WEB", | |
| "url": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9", | |
| "summary": "Improves backend security by adding referrer checks and addressing misconfigured SameSite cookie settings." |
Copilot uses AI. Check for mistakes.
| "summary": "This patch commit is on another branch." | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9", | ||
| "summary": "This patch commit is on another branch." |
There was a problem hiding this comment.
[nitpick] This summary is identical to the previous entry and remains non-descriptive. It would be clearer to specify the change or vulnerability addressed by this patch.
| "summary": "This patch commit is on another branch." | |
| }, | |
| { | |
| "type": "WEB", | |
| "url": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9", | |
| "summary": "This patch commit is on another branch." | |
| "summary": "This patch addresses the CSRF vulnerability in the Log Module on the 'release-12.4' branch." | |
| }, | |
| { | |
| "type": "WEB", | |
| "url": "https://github.com/TYPO3-CMS/belog/commit/db399b80d94bd174e6699eccaf3fac7772a898a9", | |
| "summary": "This patch addresses the CSRF vulnerability in the Log Module on the 'release-11.5' branch." |
Copilot uses AI. Check for mistakes.
bba6fca
into
github:zly123987/advisory-improvement-5571
|
Hi @zly123987! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future! |
Updates
Comments