Cross-Site Scripting Vulnerability in Apt-Cacher-NG by APT-Cacher
CVE-2014-4510

Currently unrated

Key Information:

Vendor: Debian
Status: Apt-cacher
Vendor: CVE Published:; 6 October 2014

What is CVE-2014-4510?

A cross-site scripting (XSS) vulnerability exists in job.cc of Apt-Cacher-NG version 0.7.26. This issue allows remote attackers to inject arbitrary web scripts or HTML through specially crafted URLs. If successfully exploited, this vulnerability could lead to unauthorized actions performed on behalf of the user, compromising the security and integrity of the application and its users.

References

http://seclists.org/oss-sec/2014/q2/603

mailing-listx_refsource_MLIST

http://www.securityfocus.com/bid/68136

vdb-entryx_refsource_BID

http://anonscm.debian.org/cgit/apt-cacher-ng/apt-cacher-n...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 6, 2014
Vulnerability Reserved
Jun 22, 2014

Debian

What is CVE-2014-4510?

References

Timeline