Lucene search
MitreCVELIST:CVE-2017-5938HistoryMar 15, 2017 - 2:00 p.m.
CVE-2017-5938
2017-03-1514:00:00
mitre
www.cve.org
6
EPSS
0.002
Percentile
53.9%
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
References
lists.opensuse.org/opensuse-updates/2017-02/msg00082.html
www.debian.org/security/2017/dsa-3784
www.openwall.com/lists/oss-security/2017/02/09/6
www.securityfocus.com/bid/96185
github.com/viewvc/viewvc/commit/9dcfc7daa4c940992920d3b2fbd317da20e44aad
github.com/viewvc/viewvc/issues/137
github.com/viewvc/viewvc/releases/tag/1.0.14
github.com/viewvc/viewvc/releases/tag/1.1.26
Related
nessus
nessus
Debian DSA-3784-1 : viewvc - security update
2017-02-10 00:00:00
Debian DLA-820-1 : viewvc security update
2017-02-10 00:00:00
openSUSE Security Update : viewvc (openSUSE-2017-274)
2017-02-21 00:00:00
osv
osv
viewvc - security update
2017-02-09 00:00:00
viewvc - security update
2017-02-09 00:00:00
CVE-2017-5938
2017-03-15 14:59:00
ubuntucve
ubuntucve
CVE-2017-5938
2017-03-15 00:00:00
mageia
mageia
Updated viewvc packages fix security vulnerability
2017-02-18 19:29:09
openvas
openvas
Debian: Security Advisory (DLA-820-1)
2018-01-04 00:00:00
Mageia: Security Advisory (MGASA-2017-0048)
2022-01-28 00:00:00
Debian Security Advisory DSA 3784-1 (viewvc - security update)
2017-02-09 00:00:00
debiancve
debiancve
CVE-2017-5938
2017-03-15 14:59:00
nvd
nvd
CVE-2017-5938
2017-03-15 14:59:00
CVE-2017-1000019
2017-05-07 20:29:00
debian
debian
[SECURITY] [DLA 820-1] viewvc security update
2017-02-09 22:58:55
[SECURITY] [DSA 3784-1] viewvc security update
2017-02-09 14:09:48
[SECURITY] [DSA 3784-1] viewvc security update
2017-02-09 14:09:48
prion
prion
Cross site scripting
2017-03-15 14:59:00
cve
cve
CVE-2017-5938
2017-03-15 14:59:00
CVE-2017-1000019
2017-05-07 20:29:00