CVE-2009-3303
Publication date 24 November 2009
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter.
Status
Package | Ubuntu Release | Status |
---|---|---|
gforge | 11.10 oneiric | Not in release |
11.04 natty | Not in release | |
10.10 maverick |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
9.10 karmic | Ignored end of life | |
9.04 jaunty |
Fixed 4.7~rc2-7lenny3build0.9.04.1
|
|
8.10 intrepid | Ignored end of life, was needed | |
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Ignored end of life |