2 matches found
Debian DSA-264-1 : lxr - missing filename sanitizing
Upstream developers of lxr, a general hypertext cross-referencing tool, have been alerted of a vulnerability that allows a remote attacker to read arbitrary files on the host system as user www-data. This could disclose local files that were not meant to be shared with the public. %NASLMINLEVEL...
DSA-264 lxr - missing filename sanitizing
Bulletin has no description...