Unrated severityNVD Advisory· Published Oct 25, 2012· Updated Jun 16, 2026
CVE-2011-5221
CVE-2011-5221
Description
Cross-site scripting (XSS) vulnerability in the getLog function in svnlook.php in WebSVN before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the path parameter to (1) comp.php, (2) diff.php, or (3) revision.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:websvn:websvn:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:websvn:websvn:*:*:*:*:*:*:*:*range: <=2.3.0
- cpe:2.3:a:websvn:websvn:1.61:*:*:*:*:*:*:*
- cpe:2.3:a:websvn:websvn:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:websvn:websvn:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:websvn:websvn:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:websvn:websvn:2.2.1:*:*:*:*:*:*:*
- (no CPE)range: <2.3.1
Patches
Vulnerability mechanics
References
9- st2tea.blogspot.com/2011/12/websvn-cross-site-scripting.htmlnvdExploit
- secunia.com/advisories/47288nvdVendor Advisory
- osvdb.org/77941nvd
- osvdb.org/77942nvd
- osvdb.org/77943nvd
- websvn.tigris.org/issues/show_bug.cginvd
- www.securityfocus.com/bid/51109nvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/71888nvd
News mentions
0No linked articles in our index yet.