ViewVC Invalid Parameter Arbitrary HTML Injection

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.

Synopsis :

An application running on the remote web server has an HTML injection
vulnerability.

Description :

The version of ViewVC hosted on the remote host is vulnerable to an
HTML injection attack. Requesting a URL with an invalid parameter
name in the query string generates an error message that echoes back
the parameter name. Any URLs included in the invalid parameter name
become hyperlinks. A remote attacker could trick a user into
requesting a malicious URL to facilitate a social engineering attempt.

According to some reports, there is also an unrelated cross-site
scripting issue in this version of ViewVC, though Nessus has not
checked for that.
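The pattern described above, as an added illustration that is not ViewVC's own code: an error handler that echoes an unknown query-string parameter name and auto-links any URL inside it, beside a hardened handler that HTML-escapes the name and never linkifies untrusted text. KNOWN_PARAMS, the two handler functions and the sample query string are constructed for this example.

```python
import html
import re
from urllib.parse import parse_qsl

# Hypothetical set of accepted parameter names (constructed, not ViewVC's real list).
KNOWN_PARAMS = {"view", "revision", "pathrev"}

# Matches bare http/https URLs in free text.
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def linkify(text):
    """Wrap every bare URL in an anchor tag. Safe only for trusted, pre-escaped text."""
    return URL_RE.sub(lambda m: '<a href="%s">%s</a>' % (m.group(0), m.group(0)), text)


def error_message_vulnerable(query):
    """Weak pattern: the unknown parameter name is neither escaped nor validated,
    and URLs inside it become hyperlinks in the rendered error page."""
    for name, _ in parse_qsl(query, keep_blank_values=True):
        if name not in KNOWN_PARAMS:
            return "<p>Unknown parameter: %s</p>" % linkify(name)
    return None


def error_message_hardened(query):
    """Hardened form: escape the attacker-controlled name as text and do not
    turn any part of it into markup."""
    for name, _ in parse_qsl(query, keep_blank_values=True):
        if name not in KNOWN_PARAMS:
            return "<p>Unknown parameter: %s</p>" % html.escape(name, quote=True)
    return None


if __name__ == "__main__":
    # Constructed sample: a valid parameter followed by an unknown one whose name carries a URL.
    sample = "view=log&see+http://example.invalid/help=1"
    print(error_message_vulnerable(sample))  # contains an <a href=...> element
    print(error_message_hardened(sample))    # plain escaped text, no anchor
```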

Solution :

Upgrade to ViewVC 1.0.9 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 42348

Bugtraq ID: 36035