Create an account

Subscribe to LWN

Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.

LWN.net Weekly Edition for May 15, 2008

Distributed bug tracking

A Talk with Fedora Project Leader Paul Frields

LWN.net Weekly Edition for May 8, 2008

Blizzard tests the reach of copyright law

Weekly edition	Kernel	Security	Distributions	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ

gforge: cross-site scripting

Package(s):

gforge

CVE #(s):

CVE-2007-0176

Created:

January 28, 2008

Updated:

January 30, 2008

Description:

From the NVD entry:

Cross-site scripting (XSS) vulnerability in search/advanced_search.php in GForge 4.5.11 allows remote attackers to inject arbitrary web script or HTML via the words parameter.

Alerts:

Debian

2008-01-26

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.