ViewVC < 1.0.9 Multiple Vulnerabilities

2009-08-13T00:00:00
ID 5131.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00

Description

The remote host is running ViewVC, a web-based interface for CVS and Subversion. The installed version of ViewVC is earlier than 1.0.9. Such versions are potentially affected by multiple issues :

  • A cross-site scripting vulnerability in the 'view' parameter.

  • An unspecified vulnerability that may allow attackers to print illegal parameter names and values.

                                        
                                            Binary data 5131.prm