그누보드 2022년 6월 20일자 보안패치 업데이트 5.5.8.1
페이지 정보
본문
# 변경된 사항
버전 5.5.8.1 수정
https://github.com/gnuboard/gnuboard5/commit/2366e8ebfbf57833388a32664d6ca75a6376183e
sql_query 함수내 불필요한 코드 삭제
https://github.com/gnuboard/gnuboard5/commit/a0bfc2cf6a201668e0601957b9ba96be8fbbc2b6
[KVE-2022-0193] 그누보드(영카트) SSRF & Business Logic Bug 취약점 수정
https://github.com/gnuboard/gnuboard5/commit/22ea3d39c17beb59e2950f039a1f33e65c364b5e
안전하지 않는 변수에 필터링 추가
https://github.com/gnuboard/gnuboard5/commit/d4f4612b2245254a245e480f9a9b3b3c01eab950
[KVE-2022-0158] 그누보드(영카트)5 Reflected XSS 및 SQL Injection 취약점 수정
https://github.com/gnuboard/gnuboard5/commit/e061ad852be4f60c1957e38e0109944dcca9aaf4
[KVE-2022-0133] 그누보드 XSS, CSRF 취약점 수정
https://github.com/gnuboard/gnuboard5/commit/4883fb18aedf60dd01c6aa4f6d7fbded10061847
[KVE-2022-0143] 그누보드 Open Redirect, Reflected XSS 취약점 수정
https://github.com/gnuboard/gnuboard5/commit/32e9797fef86f3a04378fc42836931c39fd59b3a
[KVE-2022-0120]그누보드_부적절한_권한_검증_취약점_수정
https://github.com/gnuboard/gnuboard5/commit/bafa1c43bf3ccfe576597555d2ef68a205ced828
check_url_host 함수에 hook 적용
https://github.com/gnuboard/gnuboard5/commit/d8b6297579c721ba16f9243d96522c379e83ab30
[KVE-2022-0137] 그누보드 XSS, SQL Injection 취약점 수정
https://github.com/gnuboard/gnuboard5/commit/251dfc26e8252138f9b579b78be62a12444b2323
관련링크
-
https://sir.kr/g5_pds/6547
74회 연결