Newtelligence DasBlog请求日志HTML注入漏洞

漏洞信息详情

Newtelligence DasBlog请求日志HTML注入漏洞

• CNNVD编号：CNNVD-200409-002
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-1657
  
• 漏洞类型：
  
  
  跨站脚本
  
• 发布时间：
  
  2004-09-01
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  newtelligence
• 漏洞来源：
  Dominick Baier
  

• 
  newtelligence DasBlog HTML Injection Fixes
  
  http://www.gotdotnet.com/workspaces/releases/checkfordownload.aspx?id=
  d77a29128-4746-4473-b676-e4f1517a1907&ReleaseId=f3480273-cdca-4701-a43
  d-ba2b987ff270

newtelligence DasBlog 1.4

• newtelligence DasBlog HTML Injection Fixes
  
  http://www.gotdotnet.com/workspaces/releases/checkfordownload.aspx?id=
  d77a29128-4746-4473-b676-e4f1517a1907&ReleaseId=f3480273-cdca-4701-a43
  d-ba2b987ff270

newtelligence DasBlog 1.5

• newtelligence DasBlog HTML Injection Fixes
  
  http://www.gotdotnet.com/workspaces/releases/checkfordownload.aspx?id=
  d77a29128-4746-4473-b676-e4f1517a1907&ReleaseId=f3480273-cdca-4701-a43
  d-ba2b987ff270

newtelligence DasBlog 1.6

• newtelligence DasBlog HTML Injection Fixes
  
  http://www.gotdotnet.com/workspaces/releases/checkfordownload.aspx?id=
  d77a29128-4746-4473-b676-e4f1517a1907&ReleaseId=f3480273-cdca-4701-a43
  d-ba2b987ff270

来源: XF
名称: dasblog-useragent-referer-xss(17174)
链接:http://xforce.iss.net/xforce/xfdb/17174

来源: BID
名称: 11086
链接:http://www.securityfocus.com/bid/11086

来源: SECUNIA
名称: 12416
链接:http://secunia.com/advisories/12416

来源: BUGTRAQ
名称: 20040901 Cross-Site Scripting Vulnerability in Newtelligence DasBlog
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=109443321830050&w=2

来源: staff.newtelligence.net
链接:http://staff.newtelligence.net/clemensv/PermaLink.aspx?guid=69bce168-cb09-4f09-8d53-f0b97f11b198