5 matches found
CVE-2024-39125
Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header...
Linux Distros Unpatched Vulnerability : CVE-2025-53865
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive. CVE-2025-53865 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2024-39125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header. CVE-2024-39125 Note that Nessus relies on the presence of the package as reporte...
CVE-2025-53865
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...
CVE-2019-10904
Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgihandler.py mishandle 404 errors...