3 matches found
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
CVE-2009-2947
CVE-2009-2947 affects Xapian Omega prior to 1.0.16. The Debian/OSS advisories describe a flaw where xapian-omega does not properly escape user input when printing exceptions, enabling cross-site scripting via crafted CGI parameter values. Affected component: xapian-omega CGI interface; root cause...
[SECURITY] [DSA 1882-1] New xapian-omega packages fix cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA-1882-1 [email protected] http://www.debian.org/security/ Nico Golde September 9th, 2009 http://www.debian.org/security/faq -...