Vulnerabilities > CVE-2004-2355 - HTML Injection vulnerability in Crafty Syntax Live Help Crafty Syntax Live Help 2.7.3

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
crafty-syntax-live-help
exploit available

Summary

Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session.

Vulnerable Configurations

Part Description Count
Application
Crafty_Syntax_Live_Help
1

Exploit-Db

descriptionCrafty Syntax Live Help 2.7.3 Multiple HTML Injection Vulnerabilities. CVE-2004-2355. Webapps exploit for php platform
idEDB-ID:24169
last seen2016-02-02
modified2004-06-04
published2004-06-04
reporterHNK Technology Solutions
sourcehttps://www.exploit-db.com/download/24169/
titleCrafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities