[原文]Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user.
MyCO Guestbook New User Registration Name Field XSS
Remote / Network Access
Input Manipulation
Loss of Integrity
-
漏洞描述
Unknown or Incomplete
-
时间线
2006-01-31
Unknow
2006-01-31
Unknow
-
解决方案
Currently, there are no known upgrades, patches, or workarounds available to correct this issue. The vendor has indicated that the project is no longer supported.
三人行,必有我师焉。择其善者而从之,其不善者而改之。