OpenWFE 1.4.x Remote Cross-Site Scripting And Connection Proxy Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11514/info OpenWFE is affected by a cross-site scripting and connection proxy vulnerability. These issues are due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage the...

CVE-2004-1630

The CVE-2004-1630 entry documents a Cross-site Scripting (XSS) vulnerability in Open WorkFlow Engine (OpenWFE) 1.4.x. The issue is triggered in the login form via the url parameter, allowing remote attackers to run arbitrary web script or HTML in a user’s browser. Impact is partial against integr...

CVE-2004-1631

Technical details about CVE-2004-1631 are not publicly available in the provided documents; no affected products, versions, impact, or fixes are described here. Monitor for updates.

Two Vulnerabilities in OpenWFE Web Client

--------------------------------------------------------------------------- Two Vulnerabilities in OpenWFE --------------------------------------------------------------------------- Author: Jose Antonio Coret Joxean Koret Date: 2004 Location: Basque Country...

OpenWFE 1.4.x - Cross-Site Scripting / Connection Proxy

source: https://www.securityfocus.com/bid/11514/info OpenWFE is affected by a cross-site scripting and connection proxy vulnerability. These issues are due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage the cross-site scripting issue to steal...