|
|
CVE Reference: CVE-2005-3955 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-3955 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_url parameter to (b) magpie_slashbox.php and (c) simple_smarty.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/27337 ST 1015264 SAID Secunia Advisory: SA20842 Secunia Advisory: SA17741 OSVDB 21643 21112 21113 MISC http://retrogod.altervista.org/JAWS_062_sql.html http://www.jaws-project.com/index.php?blog/show/29 CONFIRM http://sourceforge.net/tracker/index.php?func=detail&aid=1366743&group_id=127552&atid=708847 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/438434/100/0/threaded BID 15555 18665 |
|
| Return to the previous page. |
