This page displays vulnerability information about FreeBSD Ports.
The last vuln.xml file processed by FreshPorts is:
Revision: 450162 Date: 2017-09-19 Time: 20:12:53Z Committer: madpilot
List all Vulnerabilities, by package
List all Vulnerabilities, by date
These are the vulnerabilities relating to the commit you have selected:
|ce680f0a-eea6-11e1-8bd8-0022156e8794||squidclamav -- cross-site scripting in default virus warning pages|
SquidClamav developers report:
Prior to versions 6.7 and 5.8, CGI script clwarn.cgi was not properly sanitizing input variables, so they could be used to inject arbitrary strings to the generated page, leading to the cross-site scripting attacks.
ge 6.0 lt 6.7