aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml
diff options
context:
space:
mode:
authormiwi <miwi@FreeBSD.org>2008-10-26 02:51:13 +0800
committermiwi <miwi@FreeBSD.org>2008-10-26 02:51:13 +0800
commit7de0d3ee98b32d0b2ef87a53a4deeca4ac197db6 (patch)
tree960c6c380eec6d2801a6c462de501aba5e1bc955 /security/vuxml
parent3d80b9815e540cadaaa3d257ed33130a8cff3ad2 (diff)
downloadfreebsd-ports-graphics-7de0d3ee98b32d0b2ef87a53a4deeca4ac197db6.tar.gz
freebsd-ports-graphics-7de0d3ee98b32d0b2ef87a53a4deeca4ac197db6.tar.zst
freebsd-ports-graphics-7de0d3ee98b32d0b2ef87a53a4deeca4ac197db6.zip
- Document flyspray -- multiple vulnerabilities
Submitted by: Nick Hilliard (nick@foobar.org) (based on)
Diffstat (limited to 'security/vuxml')
-rw-r--r--security/vuxml/vuln.xml52
1 files changed, 52 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 7d73e029074..086d1e222ef 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,58 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="9d3020e4-a2c4-11dd-a9f9-0030843d3802">
+ <topic>flyspray -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>flyspray</name>
+ <range><lt>0.9.9.5.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The Flyspray Project reports:</p>
+ <blockquote cite="http://www.flyspray.org/fsa:2">
+ <p>Flyspray is affected by a Cross Site scripting Vulnerability
+ due to an error escaping PHP's $_SERVER['QUERY_STRING']
+ superglobal, that can be maliciously used to inject
+ arbitrary code into the savesearch() javascript function.</p>
+ <p>There is an XSS problem in the history tab, the application
+ fails to sanitize the "details" parameter correctly, leading
+ to the possibility of arbitrary code injection into the
+ getHistory() javascript function.</p>
+ </blockquote>
+ <blockquote cite="http://www.flyspray.org/fsa:3">
+ <p>Flyspray is affected by a Cross Site scripting Vulnerability
+ due missing escaping of SQL error messages. By including HTML
+ code in a query and at the same time causing it to fail by
+ submitting invalid data, an XSS hole can be exploited.</p>
+ <p>There is an XSS problem in the task history attached to
+ comments, since the application fails to sanitize the the
+ old_value and new_value database fields for changed task
+ summaries.</p>
+ </blockquote>
+ <blockquote cite="http://secunia.com/advisories/29215">
+ <p>Input passed via the "item_summary" parameter to
+ "index.php?do=details" is not properly sanitised before being
+ returned to the user. This can be exploited to execute arbitrary
+ HTML and script code in a user's browser session in context of
+ an affected site.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2007-6461</cvename>
+ <cvename>CVE-2008-1165</cvename>
+ <cvename>CVE-2008-1166</cvename>
+ <url>http://secunia.com/advisories/29215</url>
+ </references>
+ <dates>
+ <discovery>2008-02-24</discovery>
+ <entry>2008-10-25</entry>
+ </dates>
+ </vuln>
+
<vuln vid="3a4a3e9c-a1fe-11dd-81be-001c2514716c">
<topic>wordpress -- snoopy "_httpsrequest()" shell command execution vulnerability</topic>
<affects>