CVE-2010-2491

Published: Sep 24, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2010-12290

vendor-advisory

x_refsource_FEDORA

[roundup-devel] 20100701 Roundup Issue Tracker 1.4.14 released

mailing-list

x_refsource_MLIST

http://bugs.gentoo.org/show_bug.cgi?id=326395

x_refsource_CONFIRM

41585

third-party-advisory

x_refsource_SECUNIA

FEDORA-2010-12261

vendor-advisory

x_refsource_FEDORA

http://issues.roundup-tracker.org/issue2550654

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=610861

x_refsource_CONFIRM

[oss-security] 20100702 CVE Request -- Roundup: XSS by processing PageTemplate template for a named page

mailing-list

x_refsource_MLIST

40433

third-party-advisory

x_refsource_SECUNIA

41326

vdb-entry

x_refsource_BID

[oss-security] 20100702 Re: CVE Request -- Roundup: XSS by processing PageTemplate template for a named page

mailing-list

x_refsource_MLIST

http://roundup.svn.sourceforge.net/viewvc/roundup/roundup/trunk/roundup/cgi/client.py?r1=4486&r2=4485&pathrev=4486

x_refsource_CONFIRM

http://roundup.svn.sourceforge.net/viewvc/roundup?view=revision&revision=4486

x_refsource_CONFIRM

FEDORA-2010-12269

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-2491

Description

Affected Products

References