@@ -7,7 +7,7 @@
"CVE-2024-6581"
],
"summary": "Lollms vulnerable to Cross-site Scripting",
"details": "A vulnerability in the discussion image upload function of the Lollms application, version v9.9, allows for the uploading of SVG files. Due to incomplete filtering in the sanitize_svg function, this can lead to cross-site scripting (XSS) vulnerabilities, which in turn pose a risk of remote code execution. The sanitize_svg function only removes script elements and 'on*' event attributes, but does not account for other potential vectors for XSS within SVG files. This vulnerability can be exploited when authorized users access a malicious URL containing the crafted SVG file.",
"details": "A vulnerability in the discussion image upload function of the Lollms application, version v9.9, allows for the uploading of SVG files. Due to incomplete filtering in the sanitize_svg function, this can lead to cross-site scripting (XSS) vulnerabilities, which in turn pose a risk of remote code execution. The sanitize_svg function only removes script elements and 'on*' event attributes, but does not account for other potential vectors for XSS within SVG files. This vulnerability can be exploited when authorized users access a malicious URL containing the crafted SVG file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2024-5125. This vulnerability exists due to incomplete filtering in `sanitize_svg()`, which was partially patched in CVE-2024-5125(https://github.com/advisories/GHSA-8p2m-96j6-h5p5). The earlier fix only addressed `<script>` elements and `on*` attributes.",
"severity": [
{
"type": "CVSS_V3",
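Review bot: the new `details` text states the relationship to CVE-2024-5125 twice in a row ("NOTE: this vulnerability exists because of an incomplete fix for CVE-2024-5125." followed by "This vulnerability exists due to incomplete filtering in `sanitize_svg()`, which was partially patched in CVE-2024-5125(...)"), and the closing sentence "The earlier fix only addressed `<script>` elements and `on*` attributes." repeats what the unchanged part of the description already says about the sanitize_svg function. Suggest keeping a single sentence, e.g. "NOTE: this vulnerability exists because of an incomplete fix for CVE-2024-5125 (https://github.com/advisories/GHSA-8p2m-96j6-h5p5), which only addressed `<script>` elements and `on*` attributes.", and fixing the link so it is not glued to the identifier as `CVE-2024-5125(https://...)`. Since the point of the change is to record that this is a bypass of the earlier fix, consider also adding the GHSA-8p2m-96j6-h5p5 link under the advisory's `references` so the relationship is machine-readable rather than prose-only.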
@@ -70,4 +70,4 @@
"github_reviewed_at": "2024-11-01T22:03:33Z",
"nvd_published_at": "2024-10-29T13:15:07Z"
}
}
}
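Review bot: the only change in this hunk is to the file's final `}`, which indicates a trailing-newline-only difference (added or removed end-of-file newline) rather than a content change. Confirm it is intentional and matches the repository's convention for advisory JSON files, since a whitespace-only hunk adds noise to the diff and can be dropped from this PR if it was introduced by the editor.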