Bug#762967: XSS in bugs.debian.org/cgi-bin/version.cgi

Package: debbugs Severity: important bugs.debian.org/cgi-bin/version.cgi contains an XSS vulnerability in the 'package' var. PoC: https://bugs.debian.org/cgi-bin/version.cgi?info=1;package=%3C/title%3E%3Cscript%3Ealert('xss')%3B%3C/script%3E -v -- To UNSUBSCRIBE, email to debian-debbugs-requ.

Processed: limit source to debbugs, tagging 762967

Processing commands for cont...@bugs.debian.org: > limit source debbugs Limiting to bugs with field 'source' containing at least one of 'debbugs' Limit currently set to 'source':'debbugs' > tags 762967 + pending Bug #762967 [debbugs] XSS in bugs.debian.org/cgi-bin/version.cgi Added tag(s) pending