Information on source package spotweb

Available versions

ReleaseVersion
jessie20130826+dfsg2-2
stretch20130826+dfsg3-4
buster20130826+dfsg3-4

Open issues

BugjessiestretchbusterDescription
CVE-2021-43725vulnerablevulnerable (no DSA)vulnerable (no DSA)There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login. ...
CVE-2021-33966vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows auth ...
CVE-2020-35545vulnerablevulnerable (no DSA)vulnerable (no DSA)Time-based SQL injection exists in Spotweb 1.4.9 via the query string.

Open unimportant issues

BugjessiestretchbusterDescription
CVE-2021-40973vulnerablevulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40972vulnerablevulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40971vulnerablevulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40970vulnerablevulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40969vulnerablevulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40968vulnerablevulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...

Resolved issues

BugDescription
CVE-2021-3286SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands p ...
Search for package or bug name: Reporting problems