Vulnerabilities > CVE-2004-0310 - HTML Injection vulnerability in LiveJournal
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
livejournal
Summary
Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |