CVE-2007-3918
Published: 5 October 2007
Cross-site scripting (XSS) vulnerability in account/verify.php in GForge 4.6b2 allows remote attackers to inject arbitrary web script or HTML via the confirm_hash parameter.
Notes
Author | Note |
---|---|
kees | sarge:3.1-31sarge3 etch:4.5.14-22etch2 sid:4.6.99+svn6094-1 |
Priority
Status
Package | Release | Status |
---|---|---|
gforge Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Not vulnerable
|
|
intrepid |
Not vulnerable
|
|
jaunty |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
upstream |
Released
(4.7)
|