User-Friendly USVN is a web interface written in PHP used to configure Subversion repositories.

We found a stored XSS vulnerability inside the commit module, that could allow an attacker to execute JavaScript into the client application and take over user web browsers.

Lire la suite


User-Friendly USVN is a web interface written in PHP used to configure Subversion repositories.

We could execute code remotely, through an OS command injection inside the Timeline module. It can be used by an authenticated user to execute arbitrary command against the operating system.

Lire la suite