CVE-2016-1236 in WebSVNinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.php, (2) log.php, (3) listing.php, and (4) comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or HTML via the name of a (a) file or (b) directory in a repository.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/27/2015

Disclosure

05/11/2016

Moderation

VulDB entry created

Entries

VDB-87264 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

6.1

EPSS

0.00401

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-1236
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-1236
CVE Details	https://www.cvedetails.com/cve/CVE-2016-1236/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!