Cross-Site Scripting (XSS) Vulnerabilities in Slashcode's Search and Submit Modules

Cross-Site Scripting (XSS) Vulnerabilities in Slashcode's Search and Submit Modules

CVE-2004-2656 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) before R_2_5_0_41 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in search.pl and (2) the filter parameter in submit.pl.

Learn more about our Web App Pen Testing.