CVE-2010-3906

Опубликовано: 15 дек. 2010

Источник: redhat

CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=663609(gitweb): XSS due to missing escaping of HTML element attributes

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2010-3906

ubuntu

больше 14 лет назад

Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.

CVE-2010-3906

nvd

больше 14 лет назад

Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.

CVE-2010-3906

debian

больше 14 лет назад

Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ...

GHSA-3mrf-mhch-542p

github

около 3 лет назад

Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.

ELSA-2010-1003

oracle-oval

больше 14 лет назад

ELSA-2010-1003: git security update (MODERATE)

4.3 Medium

CVSS2