Candidate: CVE-2010-0132
PublicDate: 2010-03-31 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0132
Description:
 Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0
 before 1.0.11, when the regular expression search functionality is enabled,
 allows remote attackers to inject arbitrary web script or HTML via vectors
 related to "search_re input," a different vulnerability than CVE-2010-0736.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_viewvc:
upstream_viewvc: released (1.0.11, 1.1.5)
dapper_viewvc: DNE
hardy_viewvc: ignored (reached end-of-life)
intrepid_viewvc: needed (reached end-of-life)
jaunty_viewvc: ignored (reached end-of-life)
karmic_viewvc: ignored (reached end-of-life)
lucid_viewvc: ignored (reached end-of-life)
maverick_viewvc: not-affected (1.1.5-1)
natty_viewvc: not-affected (1.1.5-1)
oneiric_viewvc: not-affected (1.1.5-1)
precise_viewvc: not-affected (1.1.5-1)
quantal_viewvc: not-affected (1.1.5-1)
raring_viewvc: not-affected (1.1.5-1)
saucy_viewvc: not-affected (1.1.5-1)
devel_viewvc: not-affected (1.1.5-1)