Package: mnogosearch Severity: important Tags: security Hi Thorsten, the following CVE (Common Vulnerabilities & Exposures) id was published for mnogosearch.
CVE-2007-5588[0]: | Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 | allows remote attackers to inject arbitrary web script or HTML via the | t parameter in search.cgi, as reachable from search.htm-dist. If you fix this vulnerability please also include the CVE id in your changelog entry. I am not entirely sure if the version in unstable is not affected, please contact upstream about that. At least the version in stable and testing is. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5588 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpEO8GT66Epq.pgp
Description: PGP signature

