Updated viewvc packages fix security vulnerability

ViewVC is vulnerable to cross-site scripting. The impact of these vulnerabilities is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names names that, when...

MGASA-2023-0019 Updated viewvc packages fix security vulnerability

ViewVC is vulnerable to cross-site scripting. The impact of these vulnerabilities is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names names that, when...

Debian: Security Advisory (DLA-3266-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3266-1] viewvc security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3266-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb January 11, 2023 https://wiki.debian.org/LTS -...

Debian dla-3266 : viewvc - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3266 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3266-1 [email protected]...

DLA-3266-1 viewvc - security update

Bulletin has no description...

FreeBSD : devel/viewvc-devel is vulnerable to cross-site scripting (541696ed-8d12-11ed-af80-ecf4bbc0bda0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 541696ed-8d12-11ed-af80-ecf4bbc0bda0 advisory. - ViewVC, a browser interface for CVS and Subversion version control repositories, as a...

CVE-2023-22464

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

UBUNTU-CVE-2023-22464

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

CVE-2023-22464

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

Cross site scripting

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

CVE-2023-22464

Removed by vendor...

CVE-2023-22464

CVE-2023-22464 affects ViewVC (CVS/Subversion browser) prior to 1.2.3 (1.2.x) and 1.1.30 (1.1.x). The root cause is cross-site scripting via files with unsafe names that, when embedded in HTML, could execute code; impact is mitigated by requiring the attacker to have commit privileges to a Subver...

ViewVC 跨站脚本漏洞

ViewVC is a web-based tool for browsing CVS and SVN code repositories. A security vulnerability exists in ViewVC versions prior to 1.2.3 and 1.1.30, which originates from a cross-site scripting vulnerability that can be exploited by an attacker to cause the browser to run the specified code by...

devel/viewvc-devel is vulnerable to cross-site scripting

C. Michael Pilato reports: security fix: escape revision view copy paths 311 CVE-2023-22464 security fix: escape revision view changed paths 311 CVE-2023-22456...

CVE-2023-22456

ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository...

Cross site scripting

ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository...