From: nodiscc Date: Sun, 22 Oct 2017 23:06:11 +0000 (+0200) Subject: Changelog: link to CVE-2017-15215, give attribution X-Git-Tag: v0.9.4~38^2 X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=fc2beb8c6aa4d423b55ba95809941f2eba6fea2a;p=github%2Fshaarli%2FShaarli.git Changelog: link to CVE-2017-15215, give attribution --- diff --git a/CHANGELOG.md b/CHANGELOG.md index 120c5d22..33feac20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,7 +40,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). ### Security -- Vulnerability introduced in v0.9.1 fixed. +- Fixed reflected XSS vulnerability introduced in v0.9.1, discovered by @chb9 ([CVE-2017-15215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15215)). ## [v0.9.1](https://github.com/shaarli/Shaarli/releases/tag/v0.9.1) - 2017-08-23