Vulnerabilities > Viewvc > Viewvc > 1.1.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-04 | CVE-2023-22464 | Cross-site Scripting vulnerability in Viewvc ViewVC is a browser interface for CVS and Subversion version control repositories. | 5.4 |
| 2023-01-03 | CVE-2023-22456 | Cross-site Scripting vulnerability in Viewvc ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. | 6.1 |
| 2020-04-03 | CVE-2020-5283 | Cross-site Scripting vulnerability in Viewvc ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. | 3.5 |
| 2017-03-15 | CVE-2017-5938 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. | 4.3 |
| 2012-07-22 | CVE-2012-3357 | Information Exposure vulnerability in Viewvc The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain sensitive information, related to a "log msg leak." | 5.0 |