Vulnerabilities > CVE-2003-0404 - Cross-Site Scripting vulnerability in Vignette Content Suite, Storyserver and Vignette
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |
Exploit-Db
description | Vignette 4/5 Cross-Site Scripting Vulnerabilities. CVE-2003-0404. Remote exploit for unix platform |
id | EDB-ID:22648 |
last seen | 2016-02-02 |
modified | 2003-05-26 |
published | 2003-05-26 |
reporter | Ramon Pinuaga Cascales |
source | https://www.exploit-db.com/download/22648/ |
title | Vignette 4/5 - Cross-Site Scripting Vulnerabilities |