CVE-2011-3361

EPSS 0.61%

Published: 2/18/2012Modified: 4/28/2026

Description

Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi.

Affected packages (1)

Debian/backuppcfrom 0, < 3.2.1-2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-3361