[Bug 186570] [NEW] [gforge] [CVE-2007-0176] missing input sanitising

hk47 Mon, 28 Jan 2008 02:00:28 -0800

Public bug reported:

Binary package hint: gforge


References:
DSA-1475-1 (http://www.debian.org/security/2008/dsa-1475)

Quoting:
"José Ramón Palanco discovered that a cross site scripting vulnerability in 
GForge, a collaborative development tool, allows remote attackers to inject 
arbitrary web script or HTML in the context of a logged in user's session."

** Affects: gforge (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-0176

-- 
[gforge] [CVE-2007-0176] missing input sanitising
https://bugs.launchpad.net/bugs/186570
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 186570] [NEW] [gforge] [CVE-2007-0176] missing input sanitising

Reply via email to