Vulnerabilities > CVE-2005-3966 - Cross-Site Scripting vulnerability in Java Search Engine Java Search Engine 0.9.34
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in search.jsp in Java Search Engine (JSE) 0.9.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Java Search Engine 0.9.34 Search.JSP Cross-Site Scripting Vulnerability. CVE-2005-3966. Webapps exploit for jsp platform |
id | EDB-ID:26700 |
last seen | 2016-02-03 |
modified | 2005-12-02 |
published | 2005-12-02 |
reporter | r0t |
source | https://www.exploit-db.com/download/26700/ |
title | Java Search Engine 0.9.34 - Search.JSP Cross-Site Scripting Vulnerability |