6 matches found
Sage 1.3.6 Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code...
CVE-2006-4712
Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...
CVE-2006-4712
Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...
CVE-2006-4712
Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...
CVE-2006-4712
CVE-2006-4712 affects Sage 1.3.6 and describes multiple XSS vulnerabilities in which remote attackers can inject arbitrary script via a content:encoded element in an RSS feed, demonstrated by four content:encoded elements that use XMLHttpRequest to read local files (Cross Context Scripting). The ...
Sage 1.3.6 - Input Validation
source: https://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of t...