Fluid Attacks Database

Description

Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias (aka nickname).

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	empathy	>=0 <3.2.1.1-1	3.2.1.1-1

Aliases

1. CVE-2011-36352. NVD-2011-36353. OSV-DEBIAN-2011-36354. OSV-2011-36355. SECURITY-TRACKER-CVE-2011-3635

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.