Package: debbugs
Severity: important

bugs.debian.org/cgi-bin/version.cgi contains an XSS vulnerability in the
'package' var.

PoC:
https://bugs.debian.org/cgi-bin/version.cgi?info=1;package=%3C/title%3E%3Cscript%3Ealert('xss')%3B%3C/script%3E

-v
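
Added example, not part of the original report and not debbugs code: it decodes the PoC's `package` value and shows how escaping at output keeps it inside the title element. That the value lands inside `<title>` is inferred from the PoC's leading `</title>`; the title wording and the function names are hypothetical.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# PoC URL quoted in the report above.
POC_URL = ("https://bugs.debian.org/cgi-bin/version.cgi?info=1;"
           "package=%3C/title%3E%3Cscript%3Ealert('xss')%3B%3C/script%3E")


def get_param(url, name):
    """Return the decoded value of one query parameter.

    The report's URL separates parameters with ';', so the separator
    is passed explicitly (parse_qs defaults to '&').
    """
    query = urlsplit(url).query
    return parse_qs(query, separator=";").get(name, [""])[0]


def render_title_unescaped(package):
    # Hypothetical vulnerable output: the value is interpolated raw.
    return "<title>Version graph for " + package + "</title>"


def render_title_escaped(package):
    # Hardened output: HTML metacharacters become entities before output.
    return "<title>Version graph for " + html.escape(package, quote=True) + "</title>"


class TagCollector(HTMLParser):
    """Records every start tag an HTML parser sees in the markup."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def start_tags(markup):
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


if __name__ == "__main__":
    value = get_param(POC_URL, "package")
    print("decoded :", value)
    print("raw     :", start_tags(render_title_unescaped(value)))
    print("escaped :", start_tags(render_title_escaped(value)))
```

A regression test for the fix can assert that the escaped rendering yields only the `title` start tag for this input.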

