2 matches found
CVE-2005-1800
Cross-site scripting XSS vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php...
CVE-2005-1800
JAWS Glossary Gadget XSS (CVE-2005-1800) affects versions 0.4–0.5.1. The flaw stems from inadequate validation of user input in the GlossaryModel/view term handling for the term parameter to index.php, allowing remote script/HTML injection via XSS. Impact is web-based cross-site scripting; exploi...