Cross site scripting

2008-09-0515:08:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.0%

JSON

Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter in a search action to the default URI.

CPENameOperatorVersion
bizdirectoryle2.04
bizdirectoryeq2.0
bizdirectoryeq1.9

Name	Operator	Version
bizdirectory	le	2.04
bizdirectory	eq	2.0
bizdirectory	eq	1.9

References

securityreason.com/securityalert/4222

www.securityfocus.com/bid/30980

marc.info/?l=bugtraq&m=122039853426550&w=2