CVE-2009-2937

Priority
Medium
Description
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus
allows remote attackers to inject arbitrary web script or HTML via the SRC
attribute of an IMG element in a feed.
References
Bugs
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (0~bzr116-1)
Ubuntu 11.04 (Natty Narwhal):not-affected (0~bzr116-1)
Ubuntu 11.10 (Oneiric Ocelot):not-affected (0~bzr116-1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (0~bzr116-1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:04 UTC (commit 5347)