Herberlin BremsServer 1.2.4 - Cross-Site Scripting Vulnerability

2004-01-26T00:00:00
ID EDB-ID:23600
Type exploitdb
Reporter Donato Ferrante
Modified 2004-01-26T00:00:00

Description

Herberlin BremsServer 1.2.4 Cross-Site Scripting Vulnerability. CVE-2004-2113. Remote exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/9491/info

BremsServer has been reported to contain cross-site scripting vulnerabilities. This issue is due to the server failing to check or filter user strings that are sent to the server. An attacker may exploit these issues by creating a link that includes embedded malicious HTML and script code and enticing a user to follow it. 

http://www.example.com/<script>alert("Test")</script>