JAWS HTML Injection Vulnerabilities Network Vulnerability

Summary

The remote host is running JAWS, a content management system written in PHP. The remote version of this software does not perform a proper validation of user-supplied input to several variables used in the 'GlossaryModel.php' script, and is therefore vulnerable to cross-site scripting attacks.

Solution

Upgrade to JAWS 0.5.2 or later.

References

http://seclists.org/lists/fulldisclosure/2005/Apr/0416.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2005-1231, CVE-2005-1800

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe ColdFusion HTTP Response Splitting Vulnerability
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
Adobe ColdFusion Multiple Path Disclosure Vulnerabilities
Apache CouchDB Cross Site Request Forgery Vulnerability

JAWS HTML injection vulnerabilities

Take action and discover your vulnerabilities