Vulnerabilities > CVE-2004-0347 - Cross-Site Scripting vulnerability in NetScreen SA 5000 Series delhomepage.cgi
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
netscreen
Summary
Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-March/018120.html
- http://marc.info/?l=bugtraq&m=107826362024112&w=2
- http://marc.info/?l=bugtraq&m=107850564102190&w=2
- http://www.kb.cert.org/vuls/id/114070
- http://www.securityfocus.com/bid/9791
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15368