NI3
10-30-2003, 08:28 PM
hi bache ha
----
SECUNIA ADVISORY ID:
SA10110
VERIFY ADVISORY:
[Only registered and activated users can see links]
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
From remote
SOFTWARE:
Booby 0.x
DESCRIPTION:
A vulnerability has been identified in Booby, which can be exploited
by malicious people to conduct Cross-Site Scripting attacks.
The vulnerability is caused due to an input validation error when
returning error messages. This can be exploited by including
arbitrary HTML or script code, which will be executed in a user's
browser session when viewed.
SOLUTION:
Update to version 0.2.4:
[Only registered and activated users can see links]
REPORTED BY / CREDITS:
Yao-Wen Huang
----
SECUNIA ADVISORY ID:
SA10110
VERIFY ADVISORY:
[Only registered and activated users can see links]
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
From remote
SOFTWARE:
Booby 0.x
DESCRIPTION:
A vulnerability has been identified in Booby, which can be exploited
by malicious people to conduct Cross-Site Scripting attacks.
The vulnerability is caused due to an input validation error when
returning error messages. This can be exploited by including
arbitrary HTML or script code, which will be executed in a user's
browser session when viewed.
SOLUTION:
Update to version 0.2.4:
[Only registered and activated users can see links]
REPORTED BY / CREDITS:
Yao-Wen Huang