CVE-2004-1075
CVE-2004-1075
Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which is not properly cleansed when generating an error message.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/24772unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://marc.info/?l=bugtraq&m=110138568212036&w=2http://marc.info/?l=bugtraq&m=110149122529761&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/18237http://www.gentoo.org/security/en/glsa/glsa-200412-23.xmlhttp://www.securityfocus.com/bid/11745http://zwiki.org/925ZwikiXSSVulnerability