CVE-2008-5918: XSS
First published: Wed Jan 21 2009(Updated: )
Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tigris Websvn | =1.20 | |
| Tigris Websvn | =1.34 | |
| Tigris Websvn | =1.02 | |
| Tigris Websvn | =1.03 | |
| Tigris Websvn | =1.37 | |
| Tigris Websvn | =1.51 | |
| Tigris Websvn | =1.39 | |
| Tigris Websvn | =1.10 | |
| Tigris Websvn | =1.32 | |
| Tigris Websvn | =1.60 | |
| Tigris Websvn | =1.00 | |
| Tigris Websvn | <=2.0 | |
| Tigris Websvn | =1.38 | |
| Tigris Websvn | =1.01 | |
| Tigris Websvn | =1.40 | |
| Tigris Websvn | =1.62 | |
| Tigris Websvn | =1.31a | |
| Tigris Websvn | =1.04 | |
| Tigris Websvn | =1.61 | |
| Tigris Websvn | =1.33 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.gulftech.org/?node=research&article_id=00132-10202008
- http://websvn.tigris.org/issues/show_bug.cgi?id=179
- http://secunia.com/advisories/32338
- http://www.securityfocus.com/bid/31891
- http://websvn.tigris.org/servlets/NewsItemView?newsItemID=2218
- http://securityreason.com/securityalert/4928
- http://www.gentoo.org/security/en/glsa/glsa-200903-20.xml
- http://secunia.com/advisories/34191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46048
- https://www.exploit-db.com/exploits/6822
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/tigris
- canonical/tigris websvn
- version/tigris websvn/1.20
- version/tigris websvn/1.34
- version/tigris websvn/1.02
- version/tigris websvn/1.03
- version/tigris websvn/1.37
- version/tigris websvn/1.51
- version/tigris websvn/1.39
- version/tigris websvn/1.10
- version/tigris websvn/1.32
- version/tigris websvn/1.60
- version/tigris websvn/1.00
- version/tigris websvn/2.0
- version/tigris websvn/1.38
- version/tigris websvn/1.01
- version/tigris websvn/1.40
- version/tigris websvn/1.62
- version/tigris websvn/1.31a
- version/tigris websvn/1.04
- version/tigris websvn/1.61
- version/tigris websvn/1.33