PT-2005-5437 · Xerver · Xerver
Published
2005-12-31
·
Updated
2017-07-20
·
CVE-2005-4774
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Xerver version 4.17
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML after a /%00/ sequence at the end of the URI.
Recommendations
For Xerver version 4.17, update to a version that fixes this issue, as the current version allows for the injection of malicious scripts.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Xerver