Vulnerabilities > Viewvc

DATE CVE VULNERABILITY TITLE RISK
2023-01-04 CVE-2023-22464 Cross-site Scripting vulnerability in Viewvc
ViewVC is a browser interface for CVS and Subversion version control repositories.
network
low complexity
viewvc CWE-79
5.4
2023-01-03 CVE-2023-22456 Cross-site Scripting vulnerability in Viewvc
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29.
network
low complexity
viewvc CWE-79
6.1
2020-04-03 CVE-2020-5283 Cross-site Scripting vulnerability in Viewvc
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support.
network
low complexity
viewvc CWE-79
3.5
2019-11-07 CVE-2007-5743 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option.
network
low complexity
viewvc debian CWE-732
7.5
2017-03-15 CVE-2017-5938 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
network
low complexity
debian opensuse-project opensuse viewvc CWE-79
6.1