User: Password:
|
|
Subscribe / Log in / New account

python-djblets: cross-site scripting

Package(s):python-djblets CVE #(s):CVE-2013-4519
Created:November 18, 2013 Updated:November 26, 2013
Description: From the Red Hat bugzilla:

A flaw in the display of the branch field of a review request allows an attacker to inject arbitrary HTML, allowing attackers to construct scripts that run in the context of the page.

A flaw in the display of the alt text for an uploaded screenshot or image file attachment allows an attacker to inject arbitrary HTML through the caption field, allowing attackers to construct scripts that run in the context of the page.

Alerts:
Fedora FEDORA-2013-20814 python-djblets 2013-11-15
Fedora FEDORA-2013-20817 ReviewBoard 2013-11-26
Fedora FEDORA-2013-20817 python-djblets 2013-11-26
Fedora FEDORA-2013-20814 ReviewBoard 2013-11-15

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds