PublicDate: 2007-01-11 00:28:00 UTC
Candidate: CVE-2007-0175
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0175
Description:
 Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution
 1.8.6 allows remote attackers to inject arbitrary web script or HTML via
 scriptable attributes in the redirect_to parameter.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
 https://bugs.launchpad.net/bugs/227311

Patches_b2evolution:
 vendor: http://www.debian.org/security/2008/dsa-1568
dapper_b2evolution: ignored (reached end-of-life)
edgy_b2evolution: needed (reached end-of-life)
feisty_b2evolution: needed (reached end-of-life)
gutsy_b2evolution: released (0.9.2-4)
hardy_b2evolution: DNE
intrepid_b2evolution: not-affected (2.4.2-1)
jaunty_b2evolution: not-affected (2.4.2-1)
karmic_b2evolution: not-affected (2.4.2-1)
devel_b2evolution: DNE
upstream_b2evolution: needs-triage