CVE-2008-1468

描述

Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.

受影響套件(1)

• Debian/namazu2from 0, < 2.0.18-0.1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-1468