MidnightBSD

Advisories for michael_hudson-doyle

CVE-2011-0728 LOW

Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not properly handled in a revision view.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
michael_hudson-doyle loggerhead 1.6
michael_hudson-doyle loggerhead 1.10
michael_hudson-doyle loggerhead 1.6.1
michael_hudson-doyle loggerhead 1.17
michael_hudson-doyle loggerhead *