CVE-2004-2566
CVSS4.3
发布时间 :2004-12-31 00:00:00
修订时间 :2017-07-10 21:32:01
NMCO    

[原文]Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products, possibly including (1) LiveForum, (2) LiveQ&A, (3) LiveChat, and (4) LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp, (b) findclub!execute.jspa, and (c) search!execute.jspa.


[CNNVD]LiveWorld跨站脚本漏洞([CNNbitrary webiveg.cr脚sync /blank据ry webiveg.critab)

="ditable namee namee namee namee namee namee namerong>( href="http://www.c。远程攻击者借助ecue.jspa, an,ab)search!execute.jspa.<,和e


的q参关入任意ramhttp://者 sea。

ass="clr">[_osvdb"据ry w"http://w w.cap.org.cn/inde#owrap=lass="db_icon="nicon"http://w <,searchbox-onlyly> b ly><