CVE-2005-0476
CVE-2005-0476 describes a cross-site scripting (XSS) flaw in hpm_guestbook.cgi that allows remote attackers to inject arbitrary web script or HTML by posting a message. The NVD entry lists a Network attack vector, Medium complexity, no authentication, with an impact profile of confidentiality: no...