Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.29 views

Fedora 13 : viewvc-1.1.5-1.fc13 (2010-5805)

Full changelog: http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r evision=2359&view=markup&pathrev=HEAD - security fix: escape user-provided searchre input to avoid XSS attack Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

2.6CVSS5.3AI score0.02334EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/04/12 12:0 a.m.27 views

openSUSE Security Update : viewvc (openSUSE-SU-2010:0098-1)

CVS support got broken by the previous viewvc update for CVE-2010-0132. This release fixes that again. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update viewvc-2268. The text description of this...

2.6CVSS5.3AI score0.02334EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/04/12 12:0 a.m.23 views

openSUSE Security Update : viewvc (openSUSE-SU-2010:0098-1)

CVS support got broken by the previous viewvc update for CVE-2010-0132. This release fixes that again. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update viewvc-2268. The text description of this...

2.6CVSS5.3AI score0.02334EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/04/09 12:0 a.m.24 views

openSUSE Security Update : viewvc (viewvc-2240)

The regular expression search feature didn't properly sanitize user input, therefore allowing attackers to conduct cross-site-scripting XSS attacks CVE-2010-0132. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSU...

2.6CVSS5.3AI score0.02334EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/04/09 12:0 a.m.34 views

openSUSE Security Update : viewvc (viewvc-2240)

The regular expression search feature didn't properly sanitize user input, therefore allowing attackers to conduct cross-site-scripting XSS attacks CVE-2010-0132. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSU...

2.6CVSS5.3AI score0.02334EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/04/06 12:0 a.m.22 views

Fedora Update for viewvc FEDORA-2010-5524

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

2.6CVSS6.5AI score0.02334EPSS
Exploits0References2
NVD
NVD
added 2010/03/31 6:0 p.m.19 views

CVE-2010-0132

Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...

2.6CVSS5.5AI score0.02334EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2010/03/31 6:0 p.m.28 views

CVE-2010-0132

Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...

2.6CVSS6AI score0.02334EPSS
Exploits0References1
CVE
CVE
added 2010/03/31 5:35 p.m.66 views

CVE-2010-0132

CVE-2010-0132 is an XSS vulnerability in ViewVC where the regular expression search feature did not sanitize user input, allowing injected scripts via search_re inputs. The vulnerability affects multiple branches/versions: ViewVC 1.1.x before 1.1.5 and 1.0.x before 1.0.11 (initial description), a...

2.6CVSS5.5AI score0.02334EPSS
Exploits0References10Affected Software1
securityvulns
securityvulns
added 2010/03/31 12:0 a.m.69 views

Secunia Research: ViewVC Regular Expression Search Cross-Site Scripting

====================================================================== Secunia Research 30/03/2010 - ViewVC Regular Expression Search Cross-Site Scripting - ====================================================================== Table of Contents Affected...

2.6CVSS0.9AI score0.02334EPSS
Exploits0
Rows per page
Query Builder