Release date:
Updated on: 2012-11-19
Affected Systems:
BugTracker. NET 3.5.8
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56566
BugTracker. NET is a Web-based open-source Bug tracking system.
BugTracker.. NET 3.5.8 and other versions have multiple SQL injection, information leakage, cross-site scripting, and HTTP Response isolation vulnerabilities. Attackers can exploit these vulnerabilities to obtain sensitive information, attackers can exploit other vulnerabilities in the underlying database to spoof Web content or execute arbitrary code in the user's browser of the affected site.
<* Source: vendor
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
BugTracker
----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.ifdefined.com/bugtrackernet.html