Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2005-4454
- EPSS 0.47%
- Veröffentlicht 21.12.2005 11:03:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Validate-before-filter vulnerability in cleanhtml.pl 1.129 in LiveJournal CVS before Dec 7 2005, when the cleancss option is enabled, allows remote attackers to conduct cross-site scripting (XSS) attacks via a "\" (backslash) within a "javascript" sc...
- EPSS 0.34%
- Veröffentlicht 21.12.2005 11:03:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.
6.8
CVE-2004-0310
- EPSS 0.83%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
1