thr3ads.net - Secure testing team - [Secure-testing-team] Bug#538234: CVE-2009-2569: Multiple cross-site scripting (XSS) vulnerabilities [Jul 2009]

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-Jul-24 09:00 UTC

[Secure-testing-team] Bug#538234: CVE-2009-2569: Multiple cross-site scripting (XSS) vulnerabilities

Package: verlihub
Severity: serious
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for verlihub.

CVE-2009-2569[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in Verlihub
| Control Panel (VHCP) 1.7e allow remote attackers to inject arbitrary
| web script or HTML via (1) the nick parameter in a login action to
| index.php or (2) the URI in a news request to index.html.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2569
    http://security-tracker.debian.net/tracker/CVE-2009-2569

Cheers,
Giuseppe

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkppeDEACgkQNxpp46476aqoCQCgnO55QxWaLhrFZT7GMgFBM6Fr
5NcAnjraj4zDajmPFV3BJk4dcSBtfAAD
=jhle
-----END PGP SIGNATURE-----

Secure testing team - Jul 2009 - Bug#538234: CVE-2009-2569: Multiple cross-site scripting (XSS) vulnerabilities

[Secure-testing-team] Bug#538234: CVE-2009-2569: Multiple cross-site scripting (XSS) vulnerabilities