Fedora 12 : viewvc-1.1.5-1.fc12 (2010-5524)

Full changelog: http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r evision=2359&view=markup&pathrev=HEAD - security fix: escape user-provided searchre input to avoid XSS attack Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Fedora 13 : viewvc-1.1.5-1.fc13 (2010-5805)

Full changelog: http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r evision=2359&view=markup&pathrev=HEAD - security fix: escape user-provided searchre input to avoid XSS attack Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Fedora 11 : viewvc-1.1.4-1.fc11 (2010-4326)

Update to upstream version 1.1.4, fixing one XSS flaw and several bugs: http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?revision=2 341 security fix: escape user-provided query form input to avoid XSS attack fix standalone.py failure when per-root options aren't used issue 445 fix...

Fedora 11 : viewvc-1.1.5-1.fc11 (2010-5507)

Full changelog: http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r evision=2359&view=markup&pathrev=HEAD - security fix: escape user-provided searchre input to avoid XSS attack Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

openSUSE Security Update : viewvc (openSUSE-SU-2010:0098-1)

CVS support got broken by the previous viewvc update for CVE-2010-0132. This release fixes that again. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update viewvc-2268. The text description of this...

openSUSE Security Update : viewvc (openSUSE-SU-2010:0098-1)

CVS support got broken by the previous viewvc update for CVE-2010-0132. This release fixes that again. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update viewvc-2268. The text description of this...

[SECURITY] Fedora 13 Update: viewvc-1.1.5-1.fc13

ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...

openSUSE Security Update : viewvc (viewvc-2240)

The regular expression search feature didn't properly sanitize user input, therefore allowing attackers to conduct cross-site-scripting XSS attacks CVE-2010-0132. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSU...

openSUSE Security Update : viewvc (viewvc-2240)

The regular expression search feature didn't properly sanitize user input, therefore allowing attackers to conduct cross-site-scripting XSS attacks CVE-2010-0132. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSU...

openSUSE Security Update : viewvc (viewvc-2240)

The regular expression search feature didn't properly sanitize user input, therefore allowing attackers to conduct cross-site-scripting XSS attacks CVE-2010-0132. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSU...

Fedora Update for viewvc FEDORA-2010-5524

Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2010-5524 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for viewvc FEDORA-2010-5507

Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2010-5507 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for viewvc FEDORA-2010-5507

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for viewvc FEDORA-2010-5524

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] Fedora 11 Update: viewvc-1.1.5-1.fc11

ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...

ViewVC viewvc.cgi search Parameter XSS

The remote web server is hosting a version of ViewVC that is affected by a cross-site scripting vulnerability in the 'search' parameter of the 'viewvc.cgi' script. An attacker, exploiting this flaw, could execute arbitrary script code in a user's browser. Note that successful exploitation require...

ViewVC < 1.0.11 / 1.1.5 Regex Search Cross-Site Scripting Vulnerability

Binary data 5501.prm...

CVE-2010-0132

Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...

CVE-2010-0132

Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...

Cross site scripting

Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...