368 matches found
CVE-2010-0132
Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...
CVE-2010-0132
Removed by vendor...
CVE-2010-0132
CVE-2010-0132 is an XSS vulnerability in ViewVC where the regular expression search feature did not sanitize user input, allowing injected scripts via search_re inputs. The vulnerability affects multiple branches/versions: ViewVC 1.1.x before 1.1.5 and 1.0.x before 1.0.11 (initial description), a...
Secunia Research: ViewVC Regular Expression Search Cross-Site Scripting
====================================================================== Secunia Research 30/03/2010 - ViewVC Regular Expression Search Cross-Site Scripting - ====================================================================== Table of Contents Affected...
ViewVC Regular Expression Search Cross Site Scripting Vulnerability
ViewVC is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based...
ViewVC Regular Expression Search Cross Site Scripting Vulnerability
ViewVC is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
openSUSE Security Update : viewvc (viewvc-2147)
Query forms didn't escape user provided input, therefore allowing cross-site-scripting XSS attacks. CVE-2010-0736 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...
openSUSE Security Update : viewvc (viewvc-2147)
Query forms didn't escape user provided input, therefore allowing cross-site-scripting XSS attacks. CVE-2010-0736 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...
openSUSE Security Update : viewvc (viewvc-2147)
Query forms didn't escape user provided input, therefore allowing cross-site-scripting XSS attacks. CVE-2010-0736 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...
Fedora Update for viewvc FEDORA-2010-4295
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for viewvc FEDORA-2010-4295
Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2010-4295 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for viewvc FEDORA-2010-4326
Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2010-4326 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for viewvc FEDORA-2010-4326
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Cross site scripting
Cross-site scripting XSS vulnerability in the viewqueryform function in lib/viewvc.py in ViewVC before 1.0.10, and 1.1.x before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via "user-provided input."...
CVE-2010-0736
Removed by vendor...
[SECURITY] Fedora 11 Update: viewvc-1.1.4-1.fc11
ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...
[SECURITY] Fedora 12 Update: viewvc-1.1.4-1.fc12
ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...
ViewVC 'lib/viewvc.py' Cross Site Scripting Vulnerability
ViewVC is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based...
ViewVC 'lib/viewvc.py' Cross Site Scripting Vulnerability
ViewVC is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
[SECURITY] Fedora 13 Update: viewvc-1.1.4-1.fc13
ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...