2 matches found
Apache Jakarta Lucene results.jsp XSS
The remote host is using Apache Jakarta Lucene, a full-featured text search engine library implemented in Java. There is a cross-site scripting vulnerability in the script 'results.jsp' that may allow an attacker to steal the cookies of legitimate users on the remote host. %NASLMINLEVEL 70300 Thi...
[SA13360] Jakarta Lucene "results.jsp" Cross-Site Scripting Vulnerability
TITLE: Jakarta Lucene "results.jsp" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA13360 VERIFY ADVISORY: http://secunia.com/advisories/13360/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Jakarta Lucene 1.x http://secunia.com/product/4352/...