e-Zone FuseTalk搜索结果跨站脚本漏洞

漏洞信息详情

e-Zone FuseTalk搜索结果跨站脚本漏洞

• CNNVD编号：CNNVD-200212-791
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2002-2166
  
• 漏洞类型：
  
  
  跨站脚本
  
• 发布时间：
  
  2002-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-02-13
  
• 厂        商：
  
  e-zone_media_inc.
• 漏洞来源：
  .’);”>Published by mike …

FuseTalk 2.0 和3.0版本存在跨站脚本(XSS)漏洞。远程攻击者可以注入任意HTML和web脚本。

The vendor has reported that a patch is available for all affected customers. Customers are advised to login to the client area of the vendor site, and navigate to the patch page where they can obtain the appropriate patch. Customers are advised to contact the vendor for further details.

来源: BID
名称: 5236
链接:http://www.securityfocus.com/bid/5236

来源: XF
名称: fusetalk-search-xss(9637)
链接:http://www.iss.net/security_center/static/9637.php