Описание
Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a view_file action.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gollem | fixed | 1.1.1+debian0-1.1 | package | |
| gollem | not-affected | lenny | package |
Примечания
http://bugs.horde.org/ticket/9191
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a view_file action.
Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a view_file action.
Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a view_file action.