CVE-2007-3484 Information

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Cross-site scripting (XSS) vulnerability in search.php in Google Custom Search Engine allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this issue is disputed by the Google Security Team who states that \Google does not provide the ‘search.php’ script referenced. When a user creates a custom search engine we provide them with a block of javascript to include on their site. Some users write additional code around this block of javascript to further customize their website.\

Reference

http://osvdb.org/38038 http://websecurity.com.ua/1050/ http://www.attrition.org/pipermail/vim/2007-July/001706.html