Lucene search
GoogleOSV:DSA-1383-1HistoryOct 04, 2007 - 12:00 a.m.
gforge - cross-site scripting
2007-10-0400:00:00
Google
osv.dev
5
0.003 Low
EPSS
Percentile
66.4%
It was discovered that a cross site scripting vulnerability in GForge,
a collaborative development tool, allows remote attackers to inject
arbitrary web script or HTML in the context of a logged in user’s session.
For the oldstable distribution (sarge) this problem has been fixed in
version 3.1-31sarge3.
For the stable distribution (etch) this problem has been fixed in
version 4.5.14-22etch2.
For the unstable distribution (sid) this problem has been fixed in
version 4.6.99+svn6094-1.
We recommend that you upgrade your gforge package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gforge | eq | 4.5.14-22etch1 | |
| gforge | eq | 4.5.14-22 |
References
Related
cvelist
cvelist
CVE-2007-3918
2007-10-05 22:00:00
cve
cve
CVE-2007-3918
2007-10-05 22:17:00
openvas
openvas
Debian Security Advisory DSA 1383-1 (gforge)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1383-1)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2007-3918
2007-10-05 00:00:00
nessus
nessus
Debian DSA-1383-1 : gforge - XSS
2007-10-09 00:00:00
GForge account/verify.php confirm_hash Parameter XSS
2007-10-08 00:00:00
nvd
nvd
CVE-2007-3918
2007-10-05 22:17:00
debian
debian
[SECURITY] [DSA 1383-1] New gforge packages fix cross-site scripting
2007-10-04 22:22:52
prion
prion
Cross site scripting
2007-10-05 22:17:00