CVE-2004-2757
Summary
| CVE | CVE-2004-2757 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-12-31 05:00:00 UTC |
| Updated | 2017-07-29 01:29:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or HTML via url parameter. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Secunia - Advisories - Novell iChain "url" Parameter Cross-Site Scripting Vulnerability | SECUNIA | secunia.com | Vendor Advisory |
| Novell iChain Web Server Failed Login Page Cross-Site Scripting Vulnerability | BID | www.securityfocus.com | |
| TID-10080762 NESSUS scan results against iChain 2.2 and iChain 2.3 ( 09JUL2004) | CONFIRM | support.novell.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.