CVE-2009-2947 in Ubuntu

CVE-2009-2947

Priority

Description

Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16
allows remote attackers to inject arbitrary web script or HTML via
unspecified CGI parameter values, which are sometimes included in exception
messages.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2947

Bugs

https://bugs.edge.launchpad.net/ubuntu/+source/xapian-omega/+bug/587739

Notes

Package

Source: xapian-omega (LP Ubuntu Debian)

Upstream:	released (1.0.16)
Ubuntu 22.04 LTS (Jammy Jellyfish):	not-affected

Patches:

Vendor:	http://snapshot.debian.org/package/xapian-omega/1.0.7-3%2Blenny1/
Debdiff:	https://bugs.edge.launchpad.net/bugs/601160

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-02-10 23:38:22 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)