CVE-2005-4489

CVE-2005-4489

EPSS 2.0%

Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query string in a story.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://pridels0.blogspot.com/2005/12/scoop-xss-vuln.html http://secunia.com/advisories/18182 http://www.osvdb.org/21944 http://www.osvdb.org/21945 http://www.securityfocus.com/bid/16014 http://www.vupen.com/english/advisories/2005/3041