CVE-2008-5918
21.01.2009, 02:30
Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
| Vendor | Product | Version |
|---|---|---|
| tigris | websvn | 𝑥 ≤ 2.0 |
| tigris | websvn | 1.00 |
| tigris | websvn | 1.01 |
| tigris | websvn | 1.02 |
| tigris | websvn | 1.03 |
| tigris | websvn | 1.04 |
| tigris | websvn | 1.10 |
| tigris | websvn | 1.20 |
| tigris | websvn | 1.31a:a |
| tigris | websvn | 1.32 |
| tigris | websvn | 1.33 |
| tigris | websvn | 1.34 |
| tigris | websvn | 1.37 |
| tigris | websvn | 1.38 |
| tigris | websvn | 1.39 |
| tigris | websvn | 1.40 |
| tigris | websvn | 1.51 |
| tigris | websvn | 1.60 |
| tigris | websvn | 1.61 |
| tigris | websvn | 1.62 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References