Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (%09) character, which prevents the rest of the query from being properly sanitized.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Namazu | Namazu | 2.0.7 (including) | 2.0.7 (including) |
Namazu | Namazu | 2.0.8 (including) | 2.0.8 (including) |
Namazu | Namazu | 2.0.13 (including) | 2.0.13 (including) |