漏洞信息详情
WebCT Campus Edition HTML Tags HTML注入漏洞
- CNNVD编号:CNNVD-200412-506 <!--
- 危害等级: 中危-->
- 危害等级: 中危
- CVE编号: CVE-2004-2015
- 漏洞类型: 跨站脚本
- 发布时间: 2004-12-31
- 威胁类型: 远程
- 更新时间: 2006-05-01
- 厂 商: webct
- 漏洞来源: .');">Disclosure of this...
-
漏洞简介
WebCT Campus Edition存在跨站脚本漏洞。远程攻击者借助(1)iframe,(2)img,或者(3) object标签注入任意HTML或者web脚本。
漏洞公告
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] .
参考网址
来源: XF 名称: webct-iframe-img-tags-xss(16156) 链接:http://xforce.iss.net/xforce/xfdb/16156 来源: BID 名称: 10357 链接:http://www.securityfocus.com/bid/10357 来源: BUGTRAQ 名称: 20040517 WebCT: Cross Site Scripting Vulnerability 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108481256731404&w=2 来源: FULLDISC 名称: 20040516 WebCT: Cross Site Scripting Vulnerability 链接:http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0851.html
受影响实体
- Webct Webct:Campus_4.1_sp2_hotfix_40832<!--2000-1-1-->
- Webct Webct:Campus_4.1.1.5<!--2000-1-1-->
- Webct Webct:Campus_4.1<!--2000-1-1-->
- Webct Webct:Campus_4.0_sp3_hotfix_40833<!--2000-1-1-->
- Webct Webct:Campus_4.0<!--2000-1-1-->
补丁
暂无
还没有评论,来说两句吧...