CVE-2007-4048

Published: 30 July 2007

Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Priority

Status

Package	Release	Status
egroupware Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	edgy	Ignored (end of life, was needed)
	feisty	Ignored (end of life, was needed)
	gutsy	Released (1.2.107-2.dfsg-1.1)
	hardy	Released (1.2.107-2.dfsg-1.1)
	intrepid	Released (1.2.107-2.dfsg-1.1)
	jaunty	Released (1.2.107-2.dfsg-1.1)
	karmic	Released (1.2.107-2.dfsg-1.1)
	upstream	Needs triage
phpgroupware Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	edgy	Ignored (end of life, was needed)
	feisty	Ignored (end of life, was needed)
	gutsy	Released (0.9.16.012+dfsg-1)
	hardy	Released (0.9.16.012+dfsg-1)
	intrepid	Released (0.9.16.012+dfsg-1)
	jaunty	Released (0.9.16.012+dfsg-1)
	karmic	Released (0.9.16.012+dfsg-1)
	upstream	Needs triage
phpsysinfo Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	edgy	Ignored (end of life, was needed)
	feisty	Ignored (end of life, was needed)
	gutsy	Released (2.5.2-0ubuntu2)
	hardy	Released (2.5.2-0ubuntu2)
	intrepid	Released (2.5.2-0ubuntu2)
	jaunty	Released (2.5.2-0ubuntu2)
	karmic	Released (2.5.2-0ubuntu2)
	upstream	Needs triage

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2007-4048

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading