CVE-2011-0728

Publication date

2011-03-29 18:00:00

Family

canonical

State

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not properly handled in a revision view.