Buildbot Multiple Cross-Site Scripting Vulnerabilities Network Vulnerability

Summary

This host is installed with Buildbot and is prone to multiple Cross Site Scripting vulnerabilities.

Impact

Successful exploitation will allow attacker to inject arbitrary web script or HTML via unspecified vectors and conduct cross-site scripting attacks. Impact Level: Application

Solution

Apply the patches or upgrade to version 0.7.11p3. http://buildbot.net/trac#SecurityAlert ***** NOTE: Please ignore this warning if the patch is already applied. *****

Insight

Several scripts in the application do not adequately sanitise user supplied data before processing and returning it to the user.

Affected

Buildbot version 0.7.6 through 0.7.11p2 on all platforms.

References

http://buildbot.net/trac#SecurityAlert
http://secunia.com/advisories/36352
http://www.vupen.com/english/advisories/2009/2352

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2967
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
/doc directory browsable ?
Apache ActiveMQ Multiple Vulnerabilities
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities