正文

WebCortex WebStores2000 Error.ASP跨站脚本攻击(XSS)漏洞

admin
admin V管理员 /0 评论 /9 阅读
1231
此篇文章发布距今已超过1229天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

WebCortex WebStores2000 Error.ASP跨站脚本攻击(XSS)漏洞

  • CNNVD编号:CNNVD-200411-099
    • <!--
  • 危害等级: 中危-->
  • 危害等级: 中危
  • CVE编号: CVE-2004-0305
  • 漏洞类型: 跨站脚本
  • 发布时间: 2004-11-23
  • 威胁类型: 远程
  • 更新时间: 2007-01-02
  • 厂        商: webcortex
  • 漏洞来源: .');">Discovery of this ...

漏洞简介

WebCortex WebStores 2000 6.0的error.asp存在跨站脚本攻击(XSS)漏洞。远程攻击者可以借助Message_id参数以其他用户的身份执行任意脚本。

漏洞公告

It has been reported that the vendor has addressed this issue in the latest release of Webstores2000. This however has not been confirmed. Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] .

参考网址

来源: XF 名称: webstores-error-xss(15254) 链接:http://xforce.iss.net/xforce/xfdb/15254 来源: BID 名称: 9693 链接:http://www.securityfocus.com/bid/9693 来源: BUGTRAQ 名称: 20040218 WebCortex Webstores2000 version 6.0 multiple security vulnerabilities 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=107712159425226&w=2

受影响实体

  • Webcortex Webstores_2000:6.0  
    <!--
    2000-1-1
    -->

补丁

    暂无