CVE-2011-0050

NameCVE-2011-0050
DescriptionCross-site scripting (XSS) vulnerability in the nonjs interface (interfaces/nonjs.pm) in CGI:IRC before 0.5.10 allows remote attackers to inject arbitrary web script or HTML via the R parameter.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-2158-1
NVD severitymedium (attack range: remote)
Debian Bugs612671

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
cgiircsource(unstable)0.5.9-3.1medium612671
cgiircsourcelenny0.5.9-3lenny3mediumDSA-2158-1
cgiircsourcesqueeze0.5.9-3squeeze1mediumDSA-2158-1

Search for package or bug name: Reporting problems