Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in zc/publisher/html.rb in ZoneCheck 2.0.4-13 and 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the ns parameter to zc.cgi.
References 10 Total
- secunia.com: 39940 third-party-advisory
- vupen.com: ADV-2010-1354 vdb-entry
- debian.org: DSA-2056 vendor-advisory
- http://cvs.savannah.gnu.org/viewvc/zonecheck/zc/publisher/html.rb?root=zonecheck&view=log#rev1.80
- http://cvs.savannah.gnu.org/viewvc/zonecheck/zc/publisher/html.rb?root=zonecheck&r1=1.79&r2=1.80
- http://www.xssed.com/mirror/61096/
- secunia.com: 40083 third-party-advisory
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583290
- https://savannah.nongnu.org/bugs/?29967
- vupen.com: ADV-2010-1351 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 10 Total
- secunia.com: 39940 third-party-advisoryx_transferred
- vupen.com: ADV-2010-1354 vdb-entryx_transferred
- debian.org: DSA-2056 vendor-advisoryx_transferred
- http://cvs.savannah.gnu.org/viewvc/zonecheck/zc/publisher/html.rb?root=zonecheck&view=log#rev1.80 x_transferred
- http://cvs.savannah.gnu.org/viewvc/zonecheck/zc/publisher/html.rb?root=zonecheck&r1=1.79&r2=1.80 x_transferred
- http://www.xssed.com/mirror/61096/ x_transferred
- secunia.com: 40083 third-party-advisoryx_transferred
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583290 x_transferred
- https://savannah.nongnu.org/bugs/?29967 x_transferred
- vupen.com: ADV-2010-1351 vdb-entryx_transferred