Arbitrary HTML and Script Injection in Vignette StoryServer and V/5
CVE-2003-0404 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template.
Learn more about our Cis Benchmark Audit For Server Software.