Description
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References (6)
Core 6
Core References
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2014/q2/603
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68136
Exploit x_refsource_misc
http://anonscm.debian.org/cgit/apt-cacher-ng/apt-cacher-ng.git/diff/?id=6f08e6a3995d1bed4e837889a3945b6dc650f6ad
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2014/q2/602
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1111807
Scores
EPSS
0.0098
EPSS Percentile
58.0%
Details
CWE
CWE-352
Status
published
Products (1)
debian/apt-cacher
0.7.26
Published
Oct 06, 2014
Tracked Since
Feb 18, 2026