CVE-2004-2566

Name of the Vulnerable Software and Affected Versions LiveWorld products, including LiveForum, LiveQ&A, LiveChat, and LiveFocusGroup (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The injection can occur via the q parameter in several API endpoints, including "search.jsp", "findclub!execute.jspa", and "search!execute.jspa".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.