Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, 4.7.3, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Link | Resource |
---|---|
http://secunia.com/advisories/35458 | Vendor Advisory |
http://www.debian.org/security/2009/dsa-1818 | Patch |
http://www.securityfocus.com/bid/35424 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2009-11-24 09:30
Updated : 2009-11-24 09:30
NVD link : CVE-2009-4069
Mitre link : CVE-2009-4069
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
gforge
- gforge