Bug: SkyeShoutbox <= v.1.2.0 XSS ( Ascii Version )

Search:
WLB2

SkyeShoutbox <= v.1.2.0 XSS

Published
Credit
Risk
2006.05.27
zerogue gmail com
Low
CWE
CVE
Local
Remote
CWE-79
CVE-2006-2596
CVE-2006-2584
No
Yes

SkyeShoutbox <= v.1.2.0 XSS

Discovered by: Nomenumbra

Date: 21/5/2006

impact:moderate (possible defacement)

SkyeShoutbox doesn't filter any input at all, thus

allowing attackers to inject arbitrary html or javascript.

Nomenumbra

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version