Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Gentoo: GLSA-200412-23 Low Severity: Zwiki XSS Threat Advisory

gentoo
Calendar Grey December 21, 2004
Dist Gentoo Esm H88
The software Zwiki on Gentoo is vulnerable to Cross-Site Scripting (XSS) weaknesses stemming from inadequate input sanitization. It's advised to perform an upgrade.
Zwiki is vulnerable to cross-site scripting attacks.

Summary

Gentoo Linux Security Advisory GLSA 200412-23 https://security.gentoo.org/ Severity: Low Title: Zwiki: XSS vulnerability Date: December 21, 2004 Bugs: #72315 ID: 200412-23

Synopsis ======= Zwiki is vulnerable to cross-site scripting attacks.
Background ========= Zwiki is a Zope wiki-clone for easy-to-edit collaborative websites.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-zope/zwiki < 0.36.2-r1 >= 0.36.2-r1
========== Due to improper input validation, Zwiki can be exploited to perform cross-site scripting attacks.
Impact ===== By enticing a user to read a specially-crafted wiki entry, an attacker can execute arbitrary script code running in the ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo exploit cross-site scripting low severity xss zwiki

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory gentoo exploit cross-site scripting low severity xss zwiki

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here