CVE-2007-6156

Publication date 29 November 2007

Last updated 24 July 2024


Ubuntu priority

Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.

Read the notes from the security team

Status

Package Ubuntu Release Status
acidbase 8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.10 gutsy Ignored end of life, was needed
7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected

Notes


jdstrand

dapper-feist not affected according to secure-testing