VDB

GCVE-110-MAGEIA-2023-19

GCVE-110-MAGEIA-2023-19
Advisory Published
Vulnetix · Advisory published January 24, 2023
ViewVC is vulnerable to cross-site scripting. The impact of these vulnerabilities is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names (names that, when embedded into an HTML stream, would cause the browser to run unwanted code), which themselves can be challenging to create. (CVE-2023-22456, CVE-2023-22464)

Affected Products

VendorProductVersionsPlatforms
Mageiaviewvc1.3.0-0.dev20200516.1.1.mga8 (unaffected), 0 (affected), 0 (affected), 1.3.0-0.dev20200516.1.1.mga8 (unaffected)
Mageiax2goserver0 (affected), 4.1.0.3-1.2.mga8 (unaffected)

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›