FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xapian-omega -- cross-site scripting vulnerability

Affected packages
xapian-omega < 1.0.16


VuXML ID b46f3a1e-a052-11de-a649-000c2955660f
Discovery 2009-09-09
Entry 2009-09-13

Olly Betts reports:

There's a cross-site scripting issue in Omega - exception messages don't currently get HTML entities escaped, but can contain CGI parameter values in some cases.


CVE Name CVE-2009-2947