Lucene search

K

FlexeraCVELIST:CVE-2010-0132

HistoryMar 31, 2010 - 5:35 p.m.

CVE-2010-0132

2010-03-3117:35:00

flexera

www.cve.org

5.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.6%

Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to “search_re input,” a different vulnerability than CVE-2010-0736.

References

lists.fedoraproject.org/pipermail/package-announce/2010-April/038420.html

lists.fedoraproject.org/pipermail/package-announce/2010-April/038456.html

lists.fedoraproject.org/pipermail/package-announce/2010-April/038925.html

lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html

secunia.com/advisories/38918

secunia.com/secunia_research/2010-26/

viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r1=2342&r2=2359&pathrev=HEAD

www.securityfocus.com/archive/1/510408/100/0/threaded

www.vupen.com/english/advisories/2010/0743

www.vupen.com/english/advisories/2010/0844

5.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.6%

Related for CVELIST:CVE-2010-0132

cve2 ubuntucve2 nvd2 debiancve2 prion2 nessus12 openvas8 cvelist1 securityvulns2