9 matches found
CVE-2010-1625
Cross-site scripting XSS vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448...
Debian DSA-2092-1 : lxr-cvs - missing input sanitizing
Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
[SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2092-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Aug 17th, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-2092-1 [email protected] http://www.debian.org/security/ Sébastien Delafond Aug 17th, 2010 http://www.debian.org/security/faq -...
CVE-2010-1625
Cross-site scripting XSS vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448...
CVE-2010-1625
Cross-site scripting XSS vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448...
Cross site scripting
Cross-site scripting XSS vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625...
CVE-2010-1625
Cross-site scripting XSS vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448...
CVE-2010-1625
CVE-2010-1625 is tied to the lxr-cvs project (Debian DSA-2092-1). The issue is a remote cross-site scripting (XSS) vulnerability caused by insufficient input sanitizing in the code-indexing tool with a web frontend. An attacker could inject script code via user-supplied input processed on the sea...