FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nag -- Cross site scripting vulnerabilities in several of the tasklist name and task data fields

Affected packages
nag < 2.0.4

Details

VuXML ID ee6b5956-6a89-11da-b96e-000fb586ba73
Discovery 2005-12-11
Entry 2005-12-11

Announce of Nag H3 (2.0.4) (final):

This [2.0.4] is a security release that fixes cross site scripting vulnerabilities in several of the tasklist name and task data fields. None of the vulnerabilities can be exploited by unauthenticated users; however, we strongly recommend that all users of Nag 2.0.3 upgrade to 2.0.4 as soon as possible.

References

URL http://marc.theaimsgroup.com/?l=horde-announce&m=113433205826731&w=2