Bug#453278: CVE-2007-6110: XSS in htsearch
Package: htdig
Version: 1:3.2.0b6-3.1
Severity: important
Tags: security
Hi
The following CVE[0] has been issued against htdig.
CVE-2007-6110:
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6
allows remote attackers to inject arbitrary web script or HTML via the
sort parameter.
Please mention the CVE id number in your changelog, when you fix the
problem.
Cheers
Steffen
[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6110
Reply to: