3 matches found
openSUSE Security Update : git (git-398)
A malicious repository owner could specify a custom git diff command and therefore could execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update git-398. The text descripti...
CVE-2009-0026
Multiple cross-site scripting XSS vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.jsp or 2 swr.jsp...
CVE-2009-0026
Summary: CVE-2009-0026 affects Apache Jackrabbit prior to 1.5.2, enabling remote XSS via the q parameter to search.jsp and swr.jsp in the webapp. The root cause is improper escaping/validation of user input in these endpoints, allowing injection of arbitrary HTML/JavaScript into a user’s browser....