Описание
Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "search_re input," a different vulnerability than CVE-2010-0736.
Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "search_re input," a different vulnerability than CVE-2010-0736.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-0132
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038420.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038456.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038925.html
- http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html
- http://secunia.com/advisories/38918
- http://secunia.com/secunia_research/2010-26
- http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r1=2342&r2=2359&pathrev=HEAD
- http://www.securityfocus.com/archive/1/510408/100/0/threaded
- http://www.vupen.com/english/advisories/2010/0743
- http://www.vupen.com/english/advisories/2010/0844
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "search_re input," a different vulnerability than CVE-2010-0736.
Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "search_re input," a different vulnerability than CVE-2010-0736.
Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 an ...