CVE-2010-0736
19.03.2010, 19:30
Cross-site scripting (XSS) vulnerability in the view_queryform function in lib/viewvc.py in ViewVC before 1.0.10, and 1.1.x before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via "user-provided input."
Vendor | Product | Version |
---|---|---|
viewvc | viewvc | 𝑥 ≤ 1.0.9 |
viewvc | viewvc | 1.0.1 |
viewvc | viewvc | 1.0.2 |
viewvc | viewvc | 1.0.3 |
viewvc | viewvc | 1.0.4 |
viewvc | viewvc | 1.0.5 |
viewvc | viewvc | 1.0.6 |
viewvc | viewvc | 1.0.7 |
viewvc | viewvc | 1.0.8 |
viewvc | viewvc | 1.1.0 |
viewvc | viewvc | 1.1.1 |
viewvc | viewvc | 1.1.2 |
viewvc | viewvc | 1.1.3 |
𝑥
= Vulnerable software versions

Ubuntu Releases
References