2 matches found
CVE-2007-2808
Cross-site scripting XSS vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter...
CVE-2007-2808
CVE-2007-2808 affects gnatsweb/gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99, where inadequate sanitization of the database parameter in the main CGI script allows remote XSS via arbitrary HTML/script. Debian's DSA-1486-1 notes the fix in gnatsweb 4.00-1etch1, indicating remediation by upgrading ...