It was discovered that a cross site scripting vulnerability in GForge,
a collaborative development tool, allows remote attackers to inject
arbitrary web script or HTML in the context of a logged in user’s session.
For the oldstable distribution (sarge) this problem has been fixed in
version 3.1-31sarge3.
For the stable distribution (etch) this problem has been fixed in
version 4.5.14-22etch2.
For the unstable distribution (sid) this problem has been fixed in
version 4.6.99+svn6094-1.
We recommend that you upgrade your gforge package.
CPE | Name | Operator | Version |
---|---|---|---|
gforge | eq | 4.5.14-22etch1 | |
gforge | eq | 4.5.14-22 |