Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote malicious users to insert arbitrary script via the filename parameter, which is inserted into an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple darwin streaming server 4.1.2 |
||
apple quicktime streaming server 4.1.1 |