3 matches found
[SECURITY] [DSA 711-1] New info2www packages fix cross-site scripting vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 711-1 [email protected] http://www.debian.org/security/ Martin Schulze April 19th, 2005 http://www.debian.org/security/faq -...
CVE-2004-1341
CVE-2004-1341: XSS in info2www prior to 1.2.2.9. Debian DSA-711-1 fixes this remote vulnerability in info2www; affected versions for woody are resolved in 1.2.2.9-20woody1 and in sid with 1.2.2.9-23. OpenVAS/DSA entries confirm the fix. No details beyond the Debian advisory are provided here.
Debian DSA-711-1 : info2www - missing input sanitising
Nicolas Gregoire discovered a cross-site scripting vulnerability in info2www, a converter for info files to HTML. A malicious person could place a harmless looking link on the web that could cause arbitrary commands to be executed in the browser of the victim user. %NASLMINLEVEL 70300 C Tenable...