Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2009-2959
HistoryAug 25, 2009 - 5:30 p.m.

CVE-2009-2959

2009-08-2517:30:00
Debian Security Bug Tracker
security-tracker.debian.org
19
cross-site scripting
buildbot
arbitrary web script
html
vulnerability
waterfall web status

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

69.4%

Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

69.4%