Vulnerabilities > CVE-2004-2128 - Cross-Site Scripting vulnerability in BRS WebWeaver
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | BRS WebWeaver 1.0.7 ISAPISkeleton.dll Cross-Site Scripting Vulnerability. CVE-2004-2128. Remote exploit for windows platform |
| id | EDB-ID:23612 |
| last seen | 2016-02-02 |
| modified | 2004-01-28 |
| published | 2004-01-28 |
| reporter | Oliver Karow |
| source | https://www.exploit-db.com/download/23612/ |
| title | BRS WebWeaver 1.0.7 ISAPISkeleton.dll Cross-Site Scripting Vulnerability |
References
- http://marc.info/?l=bugtraq&m=107531020924977&w=2
- http://secunia.com/advisories/10741
- http://www.brswebweaver.com/modules.php?op=modload&name=News&file=article&sid=1
- http://www.osvdb.org/3741
- http://www.securityfocus.com/bid/9516
- http://www.securitytracker.com/id?1008880
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14977