[Secure-testing-team] Bug#538234: CVE-2009-2569: Multiple cross-site scripting (XSS) vulnerabilities
Giuseppe Iuculano
giuseppe at iuculano.it
Fri Jul 24 09:00:36 UTC 2009
Package: verlihub
Severity: serious
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for verlihub.
CVE-2009-2569[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in Verlihub
| Control Panel (VHCP) 1.7e allow remote attackers to inject arbitrary
| web script or HTML via (1) the nick parameter in a login action to
| index.php or (2) the URI in a news request to index.html.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2569
http://security-tracker.debian.net/tracker/CVE-2009-2569
Cheers,
Giuseppe
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkppeDEACgkQNxpp46476aqoCQCgnO55QxWaLhrFZT7GMgFBM6Fr
5NcAnjraj4zDajmPFV3BJk4dcSBtfAAD
=jhle
-----END PGP SIGNATURE-----
More information about the Secure-testing-team
mailing list