CVE-2010-2491

Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:roundup-tracker:roundup:*:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.4:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.7:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.2.8:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre3:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.0:b1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.0:b2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.4.2:pr1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.0:pr1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.7:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.8:stable:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b3:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.0:b4:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.7:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.6.11:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.0:b1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.0:b2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.0:b3:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.4:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.7:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.8:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.9:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.10:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.11:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.7.12:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.0:b1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.0:b2:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.4:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.8.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:0.9.0:b1:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:roundup-tracker:roundup:1.4.12:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-09-24 19:00

Updated : 2024-02-04 17:54


NVD link : CVE-2010-2491

Mitre link : CVE-2010-2491

CVE.ORG link : CVE-2010-2491


JSON object : View

Products Affected

roundup-tracker

  • roundup
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')