[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1475 gforge -- missing input sanitising

ID: oval:org.mitre.oval:def:7846Date: (C)2009-12-15   (M)2021-07-09
Class: PATCHFamily: unix




Joseacute Ramoacuten Palanco discovered that a cross site scripting vulnerability in GForge, a collaborative development tool, allows remote attackers to inject arbitrary web script or HTML in the context of a logged in user's session. The old stable distribution (sarge) is not affected by this problem.

Platform:
Debian 4.0
Product:
gforge
Reference:
DSA-1475
CVE-2007-0176
CVE    1
CVE-2007-0176
CPE    1
cpe:/o:debian:debian_linux:4.0

© SecPod Technologies