CVE-2004-0310 in LiveJournal
Сводка (Английский)
Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
Be aware that VulDB is the high quality source for vulnerability data.
Раскрытие
23.11.2004
Статус
Подтверждённый
Записи
VulDB provides additional information and datapoints for this CVE:
| ИД | Уязвимость | CWE | Экс | Кон | CVE |
|---|---|---|---|---|---|
| 22451 | LiveJournal межсайтовый скриптинг | 80 | Не определено | Не определено | CVE-2004-0310 |