Vulnerabilities > CVE-2004-1341 - Unspecified vulnerability in Roar Smith Info2Www 1.2.2.9
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN roar-smith
nessus
Summary
Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 allows remote attackers to inject arbitrary web script or HTML via the arguments to info2www.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Debian Local Security Checks |
| NASL id | DEBIAN_DSA-711.NASL |
| description | Nicolas Gregoire discovered a cross-site scripting vulnerability in info2www, a converter for info files to HTML. A malicious person could place a harmless looking link on the web that could cause arbitrary commands to be executed in the browser of the victim user. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 18086 |
| published | 2005-04-19 |
| reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/18086 |
| title | Debian DSA-711-1 : info2www - missing input sanitising |