VDB
GCVE-110-MAGEIA-2023-19
GCVE-110-MAGEIA-2023-19
Advisory Published
ViewVC is vulnerable to cross-site scripting. The impact of these
vulnerabilities is mitigated by the need for an attacker to have commit
privileges to a Subversion repository exposed by an otherwise trusted
ViewVC instance. The attack vector involves files with unsafe names (names
that, when embedded into an HTML stream, would cause the browser to run
unwanted code), which themselves can be challenging to create.
(CVE-2023-22456, CVE-2023-22464)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | viewvc | 1.3.0-0.dev20200516.1.1.mga8 (unaffected), 0 (affected), 0 (affected), 1.3.0-0.dev20200516.1.1.mga8 (unaffected) | — |
| Mageia | x2goserver | 0 (affected), 4.1.0.3-1.2.mga8 (unaffected) | — |
Aliases
Browse GCVE Records
72,580 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.