CVE-2004-2566 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products possibly including (1) LiveForum (2) LiveQ&A (3) LiveChat and (4) LiveFocusGroup allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp (b) findclub!execute.jspa and (c) search!execute.jspa.

Reference

http://archives.neohapsis.com/archives/bugtraq/2004-08/0326.html http://securitytracker.com/id?1011036 http://www.gulftech.org/?node=research&article_id=00044-08232004 http://www.osvdb.org/9180 https://exchange.xforce.ibmcloud.com/vulnerabilities/17104

Share on: