Herberlin BremsServer 1.2.4 - Cross-Site Scripting
| EKU-ID: 29035 | CVE: CVE-2004-2113;OSVDB-3754 | OSVDB-ID: |
| Author: Donato Ferrante | Published: 2004-01-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 29035 | CVE: CVE-2004-2113;OSVDB-3754 | OSVDB-ID: |
| Author: Donato Ferrante | Published: 2004-01-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/9491/info
BremsServer has been reported to contain cross-site scripting vulnerabilities. This issue is due to the server failing to check or filter user strings that are sent to the server. An attacker may exploit these issues by creating a link that includes embedded malicious HTML and script code and enticing a user to follow it.
http://www.example.com/<script>alert("Test")</script>