VDB
GCVE-110-MAGEIA-2016-237
GCVE-110-MAGEIA-2016-237
Advisory Published
The squidGuard.cgi program is vulnerable to a reflected cross site
scripting vulnerability in the blocking script squidGuard.cgi. The
vulnerability is triggered when a user clicks a link to a blocked site
where the url has scripting instructions added (CVE-2015-8936).
In Mageia's squidguard package, both /var/www/cgi-bin/squidGuard.cgi and
/usr/share/squidGuard-1.4/samples/squidGuard.cgi were affected.
Note that it is highly recommended that any remaining users of this
package switch to ufdbguard, which has better compatibility with current
versions of Squid.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | squidguard | 0 (affected), 1.4-21.1.mga5 (unaffected) | — |
Aliases
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.