Unrated severityNVD Advisory· Published Nov 19, 2012· Updated Jun 16, 2026
CVE-2012-4533
CVE-2012-4533
Description
Cross-site scripting (XSS) vulnerability in the "extra" details in the DiffSource._get_row function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated users with repository commit access to inject arbitrary web script or HTML via the "function name" line.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
16- bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingMailing ListThird Party Advisory
- secunia.com/advisories/51041nvdThird Party Advisory
- secunia.com/advisories/51072nvdThird Party Advisory
- viewvc.tigris.org/issues/show_bug.cginvdThird Party Advisory
- viewvc.tigris.org/source/browse/viewvcnvdThird Party Advisory
- viewvc.tigris.org/source/browse/viewvcnvdThird Party Advisory
- www.debian.org/security/2012/dsa-2563nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2012/10/21/2nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2012/10/21/3nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/56161nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/79561nvdThird Party AdvisoryVDB Entry
- wiki.mageia.org/en/Support/Advisories/MGASA-2012-0313nvdThird Party Advisory
- osvdb.org/86566nvdBroken Link
- viewvc.tigris.org/source/browse/%2Acheckout%2A/viewvc/tags/1.0.13/CHANGESnvd
- viewvc.tigris.org/source/browse/%2Acheckout%2A/viewvc/tags/1.1.16/CHANGESnvd
News mentions
0No linked articles in our index yet.