← back
CVE-2003-0404

CVE-2003-0404

EPSS 2.0%
Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/22648unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=105406028027360&w=2http://www.iss.net/security_center/static/12071.phphttp://www.s21sec.com/es/avisos/s21sec-023-en.txthttp://www.securityfocus.com/bid/7687