CVE-2005-2776 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass 20040427 allow remote attackers to inject arbitrary web script or HTML via the (1) version[fullname] (2) version[homepage] or (3) version[no] parameter to footer.php or the (4) version[fullname] (5) version[no] (6) version[author] (7) version[email] parameter to header.php.

Reference

http://de-neef.net/articles.php?id=2&page=2 http://marc.info/?l=bugtraq&m=112516327607001&w=2 http://rgod.altervista.org/lookingglass.html http://secunia.com/advisories/16607/ http://www.securityfocus.com/bid/14680 https://exchange.xforce.ibmcloud.com/vulnerabilities/22044