CVE Vulnerabilities

CVE-2004-1318

Published: Jan 06, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (%09) character, which prevents the rest of the query from being properly sanitized.

Affected Software

Name Vendor Start Version End Version
Namazu Namazu 2.0.7 2.0.7
Namazu Namazu 2.0.8 2.0.8
Namazu Namazu 2.0.13 2.0.13

References