Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: office (officeoffice.ac)
Date: Sat May 18 2002 - 19:32:24 CDT
ViewCVS: cross-site scripting bug
I found the following cross-site scripting vulnerability in ViewCVS:
Affected Version: 0.9.2 and under it
Vendor's URL: http://viewcvs.sourceforge.net/
Vendor Status: Informed. And they already fixed it only in their team.
But nothing has been published.
ViewCVS is a WWW interface for CVS Repositories. It is widely used in
freesoft community and open source community. Unfortunately, it has
the vulnerability of cross-site scripting.
If you access to the URL like;