Vulncode-DB
  • Home
  • About
  • Deprecation
  • News
    Login/Register
  •  
  • Issues 
    File a bug Feature request
  • Slack
  • Twitter
Note:

This project will be discontinued after December 13, 2021. [more]

    CVE-2016-1000037 (NVD)

    2019-11-06

    Pagure: XSS possible in file attachment endpoint

    Products Fedora, Enterprise_linux, Pagure
    Type Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
    First patch - None (likely due to unavailable code)
    Links • https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000037.json
    • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7EHB2WQ46M737B2STHQTOPTBSSQJDSS/
    • https://security-tracker.debian.org/tracker/CVE-2016-1000037
    • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000037

    Disclaimer: Vulncode-DB is not an officially supported Google product. Terms of Use
    See the vulncode-db repository for more information.


    Running version: bffd1467df54d98e5271ec977330365d5879b60d (2021-11-29 03:52:21)