ViewVC < 1.0.9 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 5131
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is running ViewVC, a web-based interface for CVS and Subversion. The installed version of ViewVC is earlier than 1.0.9. Such versions are potentially affected by multiple issues :
- A cross-site scripting vulnerability in the 'view' parameter.
- An unspecified vulnerability that may allow attackers to print illegal parameter names and values.
SolutionUpgrade to ViewVC 1.0.9 or later.