363 matches found
ISA Server - Error Page Cross Site Scripting
======================================================================== = ISA Server - Error Page Cross Site Scripting = = [email protected] = http://www.security-assessment.com = = MS Bulletin posted: July 16, 2003 = http...
Microsoft Security Bulletin MS03-028: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack (Q816456)
-----BEGIN PGP SIGNED MESSAGE----- - - --------------------------------------------------------------- Title: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack 816456 Date: 16 July 2003 Software: Microsoftr ISA Server Max Risk: Important Bulletin: MS03-028 Microsoft encourage...
Microsoft Security Bulletin MS03-028: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack (Q816456)
-----BEGIN PGP SIGNED MESSAGE----- - - --------------------------------------------------------------- Title: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack 816456 Date: 16 July 2003 Software: Microsoftr ISA Server Max Risk: Important Bulletin: MS03-028 Microsoft encourage...
Microsoft ISA Server 2000 - Cross-Site Scripting
Microsoft ISA Server 2000 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8207/info ISA server will output certain error pages when requests that are invalid, for whatever reason, are transmitted through it. These error pages will appear in the context of the domain that the...
Microsoft ISA Server 2000 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/8207/info ISA server will output certain error pages when requests that are invalid, for whatever reason, are transmitted through it. These error pages will appear in the context of the domain that the request was made for. It has been reported that many ...
BRS Webweaver 1.0 - Error Page Cross-Site Scripting
BRS Webweaver 1.0 - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/8037/info BRS WebWeaver is prone to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, BRS WebWeaver includes user requests when...
BRS Webweaver 1.0 - Error Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/8037/info BRS WebWeaver is prone to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, BRS WebWeaver includes user requests when generating error pages. Exploitation could permit a...
Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection
source: https://www.securityfocus.com/bid/7939/info An issue has been reported for Microsoft Internet Explorer that may result in HTML injection attacks. The vulnerability exists when IE is used to display custom HTTP error messages also known as "Friendly HTTP error messages". Due to some errors...
Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting
Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause t...
Python 2.2/2.3 - Documentation Server Error Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause the execution of malicious HTML and script code in the browser of a we...
Security fix for the ALT Linux 9 package apache2 version 2.0.40-10
Oct. 9, 2002 Joe Orton &[email protected] 2.0.40-10 - fix patch for CAN-2002-0840 to also cover i18n error pages...
Security fix for the ALT Linux 8 package apache2 version 2.0.40-10
Oct. 9, 2002 Joe Orton &[email protected] 2.0.40-10 - fix patch for CAN-2002-0840 to also cover i18n error pages...
Security fix for the ALT Linux 10 package apache2 version 2.0.40-10
Oct. 9, 2002 Joe Orton &[email protected] 2.0.40-10 - fix patch for CAN-2002-0840 to also cover i18n error pages...
Apache 1.32.0.x - Server Side Include Cross-Site Scripting
Apache 1.32.0.x - Server Side Include Cross-Site Scripting source: https://www.securityfocus.com/bid/5847/info Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code...
Apache 1.3/2.0.x - Server Side Include Cross-Site Scripting
source: https://www.securityfocus.com/bid/5847/info Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code. Attacker-supplied HTML and script code may be executed on...
Imatix Xitami 2.5 - GSL Template Cross-Site Scripting
source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fails to check URLs for the presence of script commands wh...
Imatix Xitami 2.5 - GSL Template Cross-Site Scripting
Imatix Xitami 2.5 - GSL Template Cross-Site Scripting source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fail...
DeleGate 7.7.1 - Cross-Site Scripting
DeleGate 7.7.1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3749/info DeleGate is a proxy server which runs on Linux , Unix, Microsoft Windows and OS/2 platforms. It is capable of translating a number of protocolsHTTP, FTP, NNTP, POP, Telnet, etc. between client and server...
IBM VisualAge Professional vulnerable to Cross-Site Scripting via passing of user input directly to default error page
Overview Web Servers that use the IBM VisualAge Professional Vesion 3.5 Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on...
IBM WebSphere vulnerable to Cross-Site Scripting via passing of user input directly to default error page
Overview Web Servers that use the IBM WebSphere Java Servlet Container 3.5 and earlier are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated...