Download
| Alert*
CVE-2009-0736
Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CVE-2012-4023 CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. CVE-2012-5170 Open redirect vulnerability in Pebble before 2.6.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. CVE-2012-4022 Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment. |