Cross-site scripting (XSS) vulnerability in the getLog function in svnlook.php in WebSVN prior to 2.3.1 allows remote malicious users to inject arbitrary web script or HTML via the path parameter to (1) comp.php, (2) diff.php, or (3) revision.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
websvn websvn 2.2.0 |
||
websvn websvn 2.1.0 |
||
websvn websvn |
||
websvn websvn 2.2.1 |
||
websvn websvn 2.0 |
||
websvn websvn 1.61 |