Vulnerabilities > CVE-2004-1341 - Unspecified vulnerability in Roar Smith Info2Www 1.2.2.9

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
roar-smith
nessus

Summary

Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 allows remote attackers to inject arbitrary web script or HTML via the arguments to info2www.

Vulnerable Configurations

Part Description Count
Application
Roar_Smith
1

Nessus

NASL familyDebian Local Security Checks
NASL idDEBIAN_DSA-711.NASL
descriptionNicolas Gregoire discovered a cross-site scripting vulnerability in info2www, a converter for info files to HTML. A malicious person could place a harmless looking link on the web that could cause arbitrary commands to be executed in the browser of the victim user.
last seen2020-06-01
modified2020-06-02
plugin id18086
published2005-04-19
reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18086
titleDebian DSA-711-1 : info2www - missing input sanitising