TestLink Cross Site Scripting and SQL Injection Vulnerabilities
|
Bugtraq ID:
|
37258
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2009-4237
CVE-2009-4238
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Dec 09 2009 12:00AM
|
|
Updated:
|
Dec 11 2009 06:54PM
|
|
Credit:
|
Pablo Annetta from Core Security Technologies
|
|
Vulnerable:
|
TestLink TestLink 1.8.4
TestLink TestLink 1.8.3
TestLink TestLink 1.8.2
TestLink TestLink 1.8.1
TestLink TestLink 1.8
TestLink TestLink 1.7.4
TestLink TestLink 1.7.1
TestLink TestLink 1.7
TestLink TestLink 1.8 RC1
TestLink TestLink 0
|
|
|
|
Not Vulnerable:
|
TestLink TestLink 1.8.5
|
|
