Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Webweaver | Brs | 1.0.7 (including) | 1.0.7 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=107531020924977\u0026w=2
- http://secunia.com/advisories/10741
- http://www.brswebweaver.com/modules.php?op=modload\u0026name=News\u0026file=article\u0026sid=1
- http://www.osvdb.org/3741
- http://www.securityfocus.com/bid/9516
- http://www.securitytracker.com/id?1008880
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14977
- http://marc.info/?l=bugtraq\u0026m=107531020924977\u0026w=2
- http://secunia.com/advisories/10741
- http://www.brswebweaver.com/modules.php?op=modload\u0026name=News\u0026file=article\u0026sid=1
- http://www.osvdb.org/3741
- http://www.securityfocus.com/bid/9516
- http://www.securitytracker.com/id?1008880
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14977