Published: 28/05/2005 Updated: 10/09/2008

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote malicious users to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
clam anti-virus clamav 0.81
clam anti-virus clamav 0.82
clam anti-virus clamav 0.83
clam anti-virus clamav 0.84_rc2
clam anti-virus clamav 0.84_rc1

source: wwwsecurityfocuscom/bid/13796/info JAWS is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input to the 'Glossary' module This may facilitate the theft of cookie-based authentication credentials as well as other attacks JAWS versions 04 and 0 ...

NVD-CWE-Other http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/034354.html http://www.securityfocus.com/bid/13796 https://nvd.nist.gov https://www.exploit-db.com/exploits/25740/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1800

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect