3 matches found
Cross-site Scripting (XSS)
primefaces is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of the input values in AvatarRenderer.java allowing an attacker to inject maliciously crafted script via writeText function...
CVE-2006-3573
Format string vulnerability in the WriteText function in agltext.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a player nickname...
CVE-2006-3573
The CVE-2006-3573 entry describes a format string vulnerability in the WriteText function of the agl_text.cpp component within Milan Mimica Sparklet 0.9.4 and earlier . The flaw allows remote attackers to trigger arbitrary code execution via format string specifiers embedded in a player nickname....