漏洞信息详情
Vignette多个跨站脚本攻击(XSS)漏洞
- CNNVD编号:CNNVD-200306-112
- 危害等级: 中危
![图片[1]-Vignette多个跨站脚本攻击(XSS)漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-17/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2003-0404
- 漏洞类型:
输入验证
- 发布时间:
2003-06-30
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
vignette - 漏洞来源:
Discovery of this … -
漏洞简介
Vignette StoryServer 版本4和版本5,以及Vignette 版本V/5和版本V/6存在多个跨站脚本攻击(XSS)漏洞。远程攻击者可以借助text变量注入任意HTML和脚本,正如使用默认登录模板中的errInfo参数。
漏洞公告
The vendor has posted a response to this issue at the following location:
http://support.vignette.com/VOLSS/KB/View/1,,5557,00.html
It should be noted that only existing Vignette customers and partners are able to access the above link.
The vendor has released a fix to address this issue. Vignette customers who are affected by this vulnerability have been advised to contact Vignette, using standard methods, as soon as possible to attain the required fixes.
参考网址
来源: BID
名称: 7687
链接:http://www.securityfocus.com/bid/7687
来源: www.s21sec.com
链接:http://www.s21sec.com/es/avisos/s21sec-023-en.txt
来源: XF
名称: vignette-multiple-xss(12071)
链接:http://www.iss.net/security_center/static/12071.php
来源: BUGTRAQ
名称: 20030526 S21SEC-023 – Vignette multiple Cross Site Scripting vulnerabilities
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=105406028027360&w=2
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
