Launchpad CVE tracker

CVE 2007-3056

Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN 2.0rc4, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the path parameter.

Related bugs and status

CVE-2007-3056 (Candidate) is related to these bugs:

Bug #137392: [Sync request] Sync websvn 1.61-22.2 from Debian unstable (main)

Summary				In	Importance	Status
	137392	[Sync request] Sync websvn 1.61-22.2 from Debian unstable (main)		websvn (Ubuntu)	Wishlist	Fix Released

Bug #139985: [Sync request] Sync websvn (1.61-23) from Debian unstable (main)

Summary				In	Importance	Status
	139985	[Sync request] Sync websvn (1.61-23) from Debian unstable (main)		websvn (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-3056

References