XSS Vulnerability in Roundup Product by Sourceforge
CVE-2012-6131

Currently unrated

Key Information:

Vendor

Roundup-tracker

Status
Roundup
Vendor
CVE Published:
11 April 2014

What is CVE-2012-6131?

The affected version of Roundup prior to 1.4.20 contains a cross-site scripting (XSS) vulnerability in the cgi/client.py component. This flaw permits remote attackers to inject malicious web scripts or HTML content through the @action parameter within the support/issue1 endpoint. If successfully exploited, this vulnerability could lead to unauthorized access to sensitive information, session hijacking, and other security issues, making it imperative for users to upgrade to version 1.4.20 or later to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://bugzilla.redhat.com/show_bug.cgi?id=722672
x_refsource_CONFIRM
https://pypi.python.org/pypi/roundup/1.4.20
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2013/02/13/8
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.