CVE-2004-0534

CVE-2004-0534

EPSS 1.2%

Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0057.html http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026550.html http://secunia.com/advisories/12587/https://exchange.xforce.ibmcloud.com/vulnerabilities/17419 http://www.securityfocus.com/bid/11209