Phase:Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
ReferencesVULN-DEV:Saturday, May 04, 2002 Security holes : PHP Image View, NewsPro, Photo DB, As_web, GuestBook | URL:http://online.securityfocus.com/archive/82/270970 | MISC:http://www.ifrance.com/kitetoua/tuto/5holes4.txt | BID:4671 | URL:http://www.securityfoc
Votes:Assigned (Tuesday, June 21, 2005)
Comments:None (candidate not yet proposed)
F7: