CVE-2004-1657 Information

Description

Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers.

Reference

http://marc.info/?l=bugtraq&m=109443321830050&w=2 http://secunia.com/advisories/12416 http://staff.newtelligence.net/clemensv/PermaLink.aspx?guid=69bce168-cb09-4f09-8d53-f0b97f11b198 http://www.securityfocus.com/bid/11086 https://exchange.xforce.ibmcloud.com/vulnerabilities/17174