EUVD-2014-0400

Malware in sbrugna...

Cross site scripting

Cross-site scripting XSS vulnerability on Google Search Appliance GSA devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element...

CVE-2014-0362

Cross-site scripting XSS vulnerability on Google Search Appliance GSA devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element...

CVE-2014-0362

CVE-2014-0362 describes an XSS flaw in Google Search Appliance (GSA) where input reflected into a [removed] block becomes executable when dynamic navigation is enabled. Affected products are GSA versions earlier than 7.0.14.G.216 and 7.2 earlier than 7.2.0.G.114. The impact is remote script execu...

Google Fixes XSS Flaw in Search Appliance

There’s a remotely exploitable vulnerability in several versions of the Google Search Appliance that could allow an unauthenticated attacker to execute a cross-site scripting attack and run a script in the context of the user’s browser. The Google Search Appliance is an enterprise product that...