PYSEC-2009-1

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/buildbot/PYSEC-2009-1.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2009-1

Aliases

CVE-2009-2959
GHSA-jqqh-999x-w26w

Published

2009-08-25T17:30:00Z

Modified

2024-04-01T19:57:09.226956Z

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

http://secunia.com/advisories/36352
http://www.vupen.com/english/advisories/2009/2352
http://secunia.com/advisories/36418
http://www.securityfocus.com/bid/36100
http://sourceforge.net/mailarchive/message.php?msg_name=42338fbf0908121232mb790a6cn787ac3de90e8bc31%40mail.gmail.com
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00978.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00985.html
http://buildbot.net/trac#SecurityAlert

Affected packages

PyPI / buildbot

Package

Name: buildbot; View open source insights on deps.dev
Purl: pkg:pypi/buildbot

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0.7.6

Fixed

0.7.12

Affected versions

0.*

0.7.6

0.7.7

0.7.8

0.7.9

0.7.10

0.7.11

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/buildbot/PYSEC-2009-1.yaml"