[Bug 227288] [NEW] [phpgedview] [CVE-2007-5051] cross site scripting vulnerability due to insufficient input sanitising

Launchpad Bug Tracker 227288 at bugs.launchpad.net
Sat Oct 18 04:50:09 BST 2008


*** This bug is a security vulnerability ***

You have been subscribed to a public security bug by Sarah Hobbs (hobbsee):

Binary package hint: phpgedview

References:
DSA-1559-1 (http://www.debian.org/security/2008/dsa-1559)

Quoting:
"It was discovered that phpGedView, an application to provide online access
to genealogical data, performed insufficient input sanitising on some
parameters, making it vulnerable to cross site scripting."

** Affects: phpgedview (Ubuntu)
     Importance: Undecided
         Status: Triaged

** Affects: phpgedview (Ubuntu Feisty)
     Importance: Undecided
         Status: New

** Affects: phpgedview (Ubuntu Gutsy)
     Importance: Undecided
         Status: New

** Affects: phpgedview (Ubuntu Hardy)
     Importance: Undecided
         Status: New

** Affects: phpgedview (Ubuntu Intrepid)
     Importance: Undecided
         Status: Triaged

** Affects: phpgedview (Debian)
     Importance: Unknown
         Status: Fix Released

-- 
[phpgedview] [CVE-2007-5051] cross site scripting vulnerability due to insufficient input sanitising
https://bugs.edge.launchpad.net/bugs/227288
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is a direct subscriber.



More information about the ubuntu-archive mailing list