changelog: better specified CVE description

Previous commit was wrong. Fixes #3372, really.
2026-05-05 12:16:45 +02:00 · 2018-05-04 23:24:58 +02:00 · 2018-05-04 23:24:58 +02:00 · e13ae0aec5
commit e13ae0aec5
parent 10d555bc91
1 changed files with 3 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,9 +6,9 @@
 * FIX: unbreak Safari iOS line wrapping

 # 1.6.4
- * SECURITY: exploitable /admin access - CVE-2018-9845
- * SECURITY: DoS with pad exports and arbitrary code execution - CVE-2018-9327
- * SECURITY: Remote Code Execution - CVE-2018-9326
+ * SECURITY: Access Control bypass on /admin - CVE-2018-9845
+ * SECURITY: Remote Code Execution through pad export - CVE-2018-9327
+ * SECURITY: Remote Code Execution through JSONP handling - CVE-2018-9326
 * SECURITY: Pad data leak - CVE-2018-9325
 * Fix: Admin redirect URL
 * Fix: Various script Fixes