Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ViewVC < 1.0.9 Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running ViewVC, a web-based interface for CVS and Subversion. The installed version of ViewVC is earlier than 1.0.9. Such versions are potentially affected by multiple issues :

- A cross-site scripting vulnerability in the 'view' parameter.

- An unspecified vulnerability that may allow attackers to print illegal parameter names and values.

Solution

Upgrade to ViewVC 1.0.9 or later.