PT-2005-5584 · Namazu · Namazu
Published: 1970-01-01 · Updated: 2017-07-11 · CVE-2004-1318
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Namazu versions 2.0.13 and earlier
Description
A cross-site scripting (XSS) vulnerability in namazu.cgi allows remote attackers to inject arbitrary HTML and web script, potentially compromising the integrity of protected information. A query that starts with a tab ("%09") character prevents proper sanitization of the rest of the query.
Recommendations
For Namazu versions 2.0.13 and earlier, consider disabling the namazu.cgi script until a patch is available, to prevent exploitation of the XSS vulnerability. Restrict access to the affected script to minimize the risk of remote attackers injecting arbitrary HTML and web script.
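While the script remains reachable, web server access logs can be checked for the condition described above: a request to namazu.cgi in which a query-string value begins with a URL-encoded tab. The following is an added example, not part of the original advisory or of Namazu; it assumes Common/Combined Log Format, and the log lines and the parameter name "query" are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request line inside a Common/Combined Log Format entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def tab_prefixed_params(target):
    """Return names of query parameters whose decoded value starts with a tab."""
    parts = urlsplit(target)
    if not parts.path.endswith("namazu.cgi"):
        return []
    # parse_qsl percent-decodes each value, so "%09" becomes "\t".
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    return [name for name, value in pairs if value.startswith("\t")]

def scan(lines):
    """Yield (line_number, client, parameter_names) for matching requests."""
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        names = tab_prefixed_params(match.group(1))
        if names:
            yield number, line.split(" ", 1)[0], names

# Constructed sample log lines (not real traffic).
# "query" is an assumed parameter name; PLACEHOLDER stands in for any content.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2005:10:00:00 +0000] '
    '"GET /cgi-bin/namazu.cgi?query=linux+kernel HTTP/1.1" 200 5120',
    '192.0.2.44 - - [01/Jan/2005:10:00:05 +0000] '
    '"GET /cgi-bin/namazu.cgi?query=%09PLACEHOLDER HTTP/1.1" 200 4870',
    '192.0.2.44 - - [01/Jan/2005:10:00:09 +0000] '
    '"GET /cgi-bin/other.cgi?q=%09x HTTP/1.1" 200 312',
    '192.0.2.51 - - [01/Jan/2005:10:00:12 +0000] '
    '"GET /cgi-bin/namazu.cgi?query=a%09b HTTP/1.1" 200 4990',
]

if __name__ == "__main__":
    for number, client, names in scan(SAMPLE_LOG):
        print(f"line {number}: {client} sent a tab-prefixed value in {names}")
```

Only the second sample line is reported: the third targets a different script and the fourth carries the tab in the middle of the value rather than at its start.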
Affected Products
Namazu