Vulnerabilities > CVE-2003-0404 - Unspecified vulnerability in Vignette Content Suite, Storyserver and Vignette
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN vignette
exploit available
Summary
Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 7 |
Exploit-Db
| description | Vignette 4/5 Cross-Site Scripting Vulnerabilities. CVE-2003-0404. Remote exploit for unix platform |
| id | EDB-ID:22648 |
| last seen | 2016-02-02 |
| modified | 2003-05-26 |
| published | 2003-05-26 |
| reporter | Ramon Pinuaga Cascales |
| source | https://www.exploit-db.com/download/22648/ |
| title | Vignette 4/5 - Cross-Site Scripting Vulnerabilities |
References
- http://marc.info/?l=bugtraq&m=105406028027360&w=2
- http://marc.info/?l=bugtraq&m=105406028027360&w=2
- http://www.iss.net/security_center/static/12071.php
- http://www.iss.net/security_center/static/12071.php
- http://www.s21sec.com/es/avisos/s21sec-023-en.txt
- http://www.s21sec.com/es/avisos/s21sec-023-en.txt
- http://www.securityfocus.com/bid/7687
- http://www.securityfocus.com/bid/7687