Upstream information

CVE-2024-26482 at MITRE

Description

** DISPUTED ** An HTML injection vulnerability exists in the Edit Content Layout module of Kirby CMS v4.1.0. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is backend sanitization such that the reporter's mentioned "injecting malicious scripts" would not occur.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue currently has no severity rating set.

Note from the SUSE Security Team on the kernel-default package

SUSE will no longer fix all CVEs in the Linux Kernel, but will declare some bug classes as won't fix. Please refer to TID 21496 for more details.

No SUSE Bugzilla entries cross referenced.

No SUSE Security Announcements cross referenced.

List of packages in QA

Product(s) Package(s)
SUSE Linux Enterprise High Availability Extension 15 SP6
  • cluster-md-kmp-default >= 6.4.0-150600.23.14.2
  • dlm-kmp-default >= 6.4.0-150600.23.14.2
  • gfs2-kmp-default >= 6.4.0-150600.23.14.2
  • ocfs2-kmp-default >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Live Patching 15 SP6
  • kernel-default-livepatch >= 6.4.0-150600.23.14.2
  • kernel-default-livepatch-devel >= 6.4.0-150600.23.14.2
  • kernel-livepatch-6_4_0-150600_23_14-default >= 1-150600.13.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP6
  • kernel-64kb >= 6.4.0-150600.23.14.1
  • kernel-64kb-devel >= 6.4.0-150600.23.14.1
  • kernel-default >= 6.4.0-150600.23.14.2
  • kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3
  • kernel-default-devel >= 6.4.0-150600.23.14.2
  • kernel-devel >= 6.4.0-150600.23.14.2
  • kernel-macros >= 6.4.0-150600.23.14.2
  • kernel-zfcpdump >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server 15 SP6
  • kernel-64kb >= 6.4.0-150600.23.14.1
  • kernel-64kb-devel >= 6.4.0-150600.23.14.1
  • kernel-default >= 6.4.0-150600.23.14.2
  • kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3
  • kernel-default-devel >= 6.4.0-150600.23.14.2
  • kernel-devel >= 6.4.0-150600.23.14.2
  • kernel-macros >= 6.4.0-150600.23.14.2
  • kernel-zfcpdump >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Desktop 15 SP6
  • kernel-64kb >= 6.4.0-150600.23.14.1
  • kernel-64kb-devel >= 6.4.0-150600.23.14.1
  • kernel-default >= 6.4.0-150600.23.14.2
  • kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3
  • kernel-default-devel >= 6.4.0-150600.23.14.2
  • kernel-devel >= 6.4.0-150600.23.14.2
  • kernel-macros >= 6.4.0-150600.23.14.2
  • kernel-zfcpdump >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server for SAP Applications 15 SP6
  • kernel-64kb >= 6.4.0-150600.23.14.1
  • kernel-64kb-devel >= 6.4.0-150600.23.14.1
  • kernel-default >= 6.4.0-150600.23.14.2
  • kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3
  • kernel-default-devel >= 6.4.0-150600.23.14.2
  • kernel-devel >= 6.4.0-150600.23.14.2
  • kernel-macros >= 6.4.0-150600.23.14.2
  • kernel-zfcpdump >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise High Performance Computing 15 SP6
  • kernel-64kb >= 6.4.0-150600.23.14.1
  • kernel-64kb-devel >= 6.4.0-150600.23.14.1
  • kernel-default >= 6.4.0-150600.23.14.2
  • kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3
  • kernel-default-devel >= 6.4.0-150600.23.14.2
  • kernel-devel >= 6.4.0-150600.23.14.2
  • kernel-macros >= 6.4.0-150600.23.14.2
  • kernel-zfcpdump >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Module for Development Tools 15 SP6
  • kernel-docs >= 6.4.0-150600.23.14.2
  • kernel-obs-build >= 6.4.0-150600.23.14.2
  • kernel-source >= 6.4.0-150600.23.14.2
  • kernel-syms >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server 15 SP6
  • kernel-docs >= 6.4.0-150600.23.14.2
  • kernel-obs-build >= 6.4.0-150600.23.14.2
  • kernel-source >= 6.4.0-150600.23.14.2
  • kernel-syms >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Desktop 15 SP6
  • kernel-docs >= 6.4.0-150600.23.14.2
  • kernel-obs-build >= 6.4.0-150600.23.14.2
  • kernel-source >= 6.4.0-150600.23.14.2
  • kernel-syms >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server for SAP Applications 15 SP6
  • kernel-docs >= 6.4.0-150600.23.14.2
  • kernel-obs-build >= 6.4.0-150600.23.14.2
  • kernel-source >= 6.4.0-150600.23.14.2
  • kernel-syms >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise High Performance Computing 15 SP6
  • kernel-docs >= 6.4.0-150600.23.14.2
  • kernel-obs-build >= 6.4.0-150600.23.14.2
  • kernel-source >= 6.4.0-150600.23.14.2
  • kernel-syms >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Module for Legacy 15 SP6
  • reiserfs-kmp-default >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server 15 SP6
  • reiserfs-kmp-default >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server for SAP Applications 15 SP6
  • reiserfs-kmp-default >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise High Performance Computing 15 SP6
  • reiserfs-kmp-default >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Workstation Extension 15 SP6
  • kernel-default-extra >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server 15 SP6
  • kernel-default-extra >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Server for SAP Applications 15 SP6
  • kernel-default-extra >= 6.4.0-150600.23.14.2
SUSE Linux Enterprise Desktop 15 SP6
  • kernel-default-extra >= 6.4.0-150600.23.14.2


SUSE Timeline for this CVE

CVE page created: Thu Feb 22 07:00:09 2024
CVE page last modified: Tue Jul 16 12:29:09 2024