Particle Links HTML Injection Vulnerability
BID:18344
CVE-2006-2903 |Info
Particle Links HTML Injection Vulnerability
| Bugtraq ID: | 18344 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 06 2006 12:00AM |
| Updated: | Jun 09 2006 10:31PM |
| Credit: | Luny is credited with discovering this vulnerability. |
| Vulnerable: |
Particle Soft Particle Links 1.2.2 |
| Not Vulnerable: | |
Discussion
Particle Links HTML Injection Vulnerability
Particle Links is prone to an HTML-injection vulnerability because it fails to properly sanitize HTML and script code from user-supplied input to the login form input box.
An attacker could exploit this vulnerability to inject hostile HTML and script code into the browser session of other users of the application.
Particle Links is prone to an HTML-injection vulnerability because it fails to properly sanitize HTML and script code from user-supplied input to the login form input box.
An attacker could exploit this vulnerability to inject hostile HTML and script code into the browser session of other users of the application.
Exploit / POC
Particle Links HTML Injection Vulnerability
This issue can be exploited with a web browser.
This issue can be exploited with a web browser.
Solution / Fix
Particle Links HTML Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Particle Links HTML Injection Vulnerability
References:
References:
- Particle Links (Particle Soft)
- Particle Links (Luny)