|
|
CVE Reference: CVE-2005-3334 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-3334 |
|
|
Description: Cross-site scripting (XSS) vulnerability in index.php in Flyspray 0.9.7 through 0.9.8 (devel) allows remote attackers to inject arbitrary web script or HTML via the (1) PHPSESSID, (2) task, (3) string, (4) type, (5) serv, (6) due, (7) dev, and (8) sort2 parameters. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/22889 SAID Secunia Advisory: SA18606 Secunia Advisory: SA17316 OSVDB 20326 MISC http://lostmon.blogspot.com/2005/10/flyspray-bug-killer-multiple-variable.html DEBIAN http://www.debian.org/security/2006/dsa-953 CONFIRM http://flyspray.rocks.cc/bts/task/703 BID 15209 |
|
| Return to the previous page. |
