Parallel change for #144

briandfoy · Mar 9, 2024 · 004a344 · 004a344
1 parent ddd36e8
commit 004a344
Showing 1 changed file with 0 additions and 16 deletions.
diff --git a/cpansa/CPANSA-MT.yml b/cpansa/CPANSA-MT.yml
@@ -323,22 +323,6 @@ advisories:
   - http://seclists.org/oss-sec/2013/q2/560
   reported: 2015-03-27
   severity: ~
-- affected_versions: '>=4.20,<4.38'
-  cves:
-  - CVE-2013-0209
-  description: |
-    lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injection attack against the core_drop_meta_for_table function, leading to execution of arbitrary Perl code.
-  fixed_versions: ~
-  github_security_advisory:
-  - GHSA-qhr8-p6mw-gmf5
-  id: CPANSA-MT-2013-0209
-  references:
-  - http://www.sec-1.com/blog/wp-content/uploads/2013/01/movabletype_upgrade_exec.rb_.txt
-  - http://www.movabletype.org/2013/01/movable_type_438_patch.html
-  - http://openwall.com/lists/oss-security/2013/01/22/3
-  - http://www.sec-1.com/blog/?p=402
-  reported: 2013-01-23
-  severity: ~
 - affected_versions: =5.13
   cves:
   - CVE-2012-1503