Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | nusoap | < 0.7.3-4 | nusoap_0.7.3-4_all.deb |
Debian | 11 | all | nusoap | < 0.7.3-4 | nusoap_0.7.3-4_all.deb |
Debian | 10 | all | nusoap | < 0.7.3-4 | nusoap_0.7.3-4_all.deb |