Debian Security Advisory

DLA-453-1 extplorer -- LTS security update

Date Reported:
03 May 2016
Affected Packages:
extplorer
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 783231.
In Mitre's CVE dictionary: CVE-2015-0896.
More information:

Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

For Debian 6 Squeeze, these issues have been fixed in extplorer version 2.1.0b6+dfsg.3-4+deb7u2