Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Articlelive | Interspire | 2005 (including) | 2005 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=111530871724865\u0026w=2
- http://secunia.com/advisories/15250
- http://securitytracker.com/id?1013895
- http://www.osvdb.org/16183
- http://www.securityfocus.com/bid/13493
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20430
- http://marc.info/?l=bugtraq\u0026m=111530871724865\u0026w=2
- http://secunia.com/advisories/15250
- http://securitytracker.com/id?1013895
- http://www.osvdb.org/16183
- http://www.securityfocus.com/bid/13493
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20430