Bug#435709: CVE-2007-3910: Cross-site scripting (XSS) vulnerability in Bandersnatch

Stefan Fritsch Thu, 02 Aug 2007 11:57:36 -0700

Package: bandersnatch
Version: 0.4-1.1
Severity: important
Tags: security

A vulnerability has been found in bandersnatch. From CVE-2007-3910:


"Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows
remote attackers to inject arbitrary JavaScript via a Jabber resource
name and possibly other data items, which are stored in conversation
logs."

Please mention the CVE id in the changelog.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#435709: CVE-2007-3910: Cross-site scripting (XSS) vulnerability in Bandersnatch

Reply via email to