Candidate: CVE-2010-0736
PublicDate: 2010-03-19 19:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0736
Description:
 Cross-site scripting (XSS) vulnerability in the view_queryform function in
 lib/viewvc.py in ViewVC before 1.0.10, and 1.1.x before 1.1.4, allows
 remote attackers to inject arbitrary web script or HTML via "user-provided
 input."
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_viewvc:
upstream_viewvc: released (1.0.10)
dapper_viewvc: DNE
hardy_viewvc: ignored (reached end-of-life)
intrepid_viewvc: needed (reached end-of-life)
jaunty_viewvc: ignored (reached end-of-life)
karmic_viewvc: ignored (reached end-of-life)
lucid_viewvc: ignored (reached end-of-life)
maverick_viewvc: not-affected (1.1.5-1)
natty_viewvc: not-affected (1.1.5-1)
oneiric_viewvc: not-affected (1.1.5-1)
precise_viewvc: not-affected (1.1.5-1)
quantal_viewvc: not-affected (1.1.5-1)
raring_viewvc: not-affected (1.1.5-1)
saucy_viewvc: not-affected (1.1.5-1)
devel_viewvc: not-affected (1.1.5-1)