CVE-2003-0404

Published: 30/06/2003 Updated: 18/10/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote malicious users to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vignette content suite 6.0
vignette content suite 7.0
vignette storyserver 4.0
vignette storyserver 4.1
vignette storyserver 5.0
vignette content suite 5.0
vignette vignette 5.0

source: wwwsecurityfocuscom/bid/7687/info Vignette software has been reported prone to multiple cross-site scripting vulnerabilities Reportedly the issue presents itself, because the Vignette software does not sufficiently sanitize HTML characters from user-supplied data It may be possible for an attacker to supply and execute HTML an ...

NVD-CWE-Other http://www.s21sec.com/es/avisos/s21sec-023-en.txt http://www.iss.net/security_center/static/12071.php http://www.securityfocus.com/bid/7687 http://marc.info/?l=bugtraq&m=105406028027360&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/22648/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0404

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect