CVE-2007-6460 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI which is later displayed by (1) log.php or (2) logerror.php a different vulnerability than CVE-2007-6459.

Reference

http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/ http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284&r2=325 http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245&r2=325 http://sourceforge.net/forum/forum.php?forum_id=761265