Candidate: CVE-2011-5221
PublicDate: 2012-10-25 17:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5221
 http://xforce.iss.net/xforce/xfdb/71888
 http://www.securitytracker.com/id?1026438
 http://websvn.tigris.org/issues/show_bug.cgi?id=275
 http://st2tea.blogspot.com/2011/12/websvn-cross-site-scripting.html
 http://secunia.com/advisories/47288
 http://osvdb.org/77943
 http://osvdb.org/77942
 http://osvdb.org/77941
Description:
 Cross-site scripting (XSS) vulnerability in the getLog function in
 svnlook.php in WebSVN before 2.3.1 allows remote attackers to inject
 arbitrary web script or HTML via the path parameter to (1) comp.php, (2)
 diff.php, or (3) revision.php.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_websvn:
upstream_websvn: released (2.3.1)
hardy_websvn: ignored (reached end-of-life)
lucid_websvn: ignored (reached end-of-life)
natty_websvn: not-affected (2.3.2-1)
oneiric_websvn: not-affected
precise_websvn: not-affected
quantal_websvn: not-affected
raring_websvn: not-affected
saucy_websvn: not-affected
devel_websvn: not-affected