Vulnerabilities

CVE-2006-5442

by Fred · 20/10/2006

ViewVC 1.0.2 and earlier does not specify a charset in its HTTP headers or HTML documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks that inject arbitrary UTF-7 encoded JavaScript code via a view.

Date published : 2006-10-20

http://www.securityfocus.com/bid/20543

http://www.securityfocus.com/archive/1/448762/100/0/threaded

Similar

Tags: Cybersecurity Alert

CVE-2006-5442

Similar

Recent Posts

Categories

CVE-2006-5442

Share this:

Similar

Recent Posts

Categories

Tags