CVE-2016-2511

NameCVE-2016-2511
DescriptionCross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-428-1, DSA-3490-1
NVD severitymedium

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
websvnsourcesqueeze2.3.1-1+deb6u2DLA-428-1
websvnsourcewheezy2.3.3-1.1+deb7u2DSA-3490-1
websvnsourcejessie2.3.3-1.2+deb8u1DSA-3490-1
websvnsource(unstable)(unfixed)

Search for package or bug name: Reporting problems