Gentoo Linux Security Advisory GLSA 200903-20 - Multiple vulnerabilities in WebSVN allow for file overwrite and information disclosure. James Bercegay of GulfTech Security reported a Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl() function in index.php (CVE-2008-5918) and a directory traversal vulnerability in rss.php when magic_quotes_gpc is disabled (CVE-2008-5919). Versions less than 2.1.0 are affected.
c47bce5b9c11d49a0c300bbe9035b3bf7fc6515d15f7465de99987eca26f9e99