Launchpad CVE tracker

CVE 2007-2808

Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter.

Related bugs and status

CVE-2007-2808 (Candidate) is related to these bugs:

Bug #150687: [Sync request] Sync gnatsweb (4.00-1.1) from Debian unstable (main)

Summary				In	Importance	Status
	150687	[Sync request] Sync gnatsweb (4.00-1.1) from Debian unstable (main)		gnatsweb (Ubuntu)	Undecided	Fix Released

Bug #191196: [gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability

		In	Importance	Status
191196	[gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability	gnatsweb (Ubuntu)	Low	Invalid
191196	[gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability	gnatsweb (Debian)	Unknown	Fix Released
191196	[gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability	gnatsweb (Ubuntu Feisty)	Low	Fix Released
191196	[gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability	gnatsweb (Ubuntu Edgy)	Low	Fix Released
191196	[gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability	gnatsweb (Ubuntu Dapper)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-2808

References