Headline
CVE-2021-44543: www.privoxy.org Git - privoxy.git/commit
An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself.
author
Fabian Keil [email protected]
Tue, 2 Nov 2021 11:11:37 +0000 (12:11 +0100)
committer
Fabian Keil [email protected]
Tue, 7 Dec 2021 14:06:06 +0000 (15:06 +0100)
commit
0e668e9409cbf4ab8bf2d79be204bd4e81a00d85
tree
1fca9df628a2c3cb35a4e1b6291ec80ee9509072
tree | snapshot
parent
8080c826a824bf98a3a7eff419db2a41600c8437
commit | diff
cgi_error_no_template(): Encode the template name to prevent XSS
OVE-20211102-0001. CVE-2021-44543.
Reported by: Artem Ivanov