JVN#00892830 Namazu cross-site scripting vulnerability

2008-03-21T00:00:00
ID JVN:00892830
Type jvn
Reporter Japan Vulnerability Notes
Modified 2008-05-21T00:00:00

Description

## Description

Namazu, Japanese full-text search engine does not specify charset in the ContentType header that could allow a remote attacker to execute an arbitrary script on the user's web browser.

## Impact

An arbitrary script could be executed on the user's web browser.

## Solution

Update the Software
Update to the latest version provided by Namazu Project.

Workarounds
Apply the appropriate workarounds according to the information provided by Namazu Project.

## Products Affected

  • Namazu 2.0.17 and earlier