Cross-site scripting (XSS) vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page.
References
Link | Resource |
---|---|
http://secunia.com/advisories/10701/ | Exploit Patch |
http://www.osvdb.org/3707 | Patch |
http://www.securityfocus.com/bid/9496 | Exploit Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/14936 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-07-10T04:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-07-10T00:00:00
Link: CVE-2004-2171
JSON object: View
NVD Information
Status : Modified
Published: 2004-12-31T05:00:00.000
Modified: 2017-07-11T01:31:41.280
Link: CVE-2004-2171
JSON object: View
Redhat Information
No data.
CWE