- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23564
- Проверка EDB
-
- Пройдено
- Автор
- DONATO FERRANTE
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2004-2096
- Дата публикации
- 2004-01-21
Код:
source: https://www.securityfocus.com/bid/9470/info
Mephistoles 'httpd' daemon fails to sanitize user-supplied input, making it vulnerable to cross-site scripting attacks. This vulnerability allows an attacker to construct a malicious link containing HTML or script code that may be rendered in a user's browser upon visiting that link. This attack would occur in the security context of the affected server.
http://www.example.com/<script>alert("Test")</script>
- Источник
- www.exploit-db.com