RSS   Vulnerabilities for
'Tornado knowledge retrieval system'
   RSS

2008-11-28
 
CVE-2008-5264

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the p parameter in a root action.

 


Copyright 2024, cxsecurity.com

 

Back to Top