Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote malicious users to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
livejournal livejournal |