Verity Ultraseek Search Request XSS Network Vulnerability

Summary

The remote host runs Verity Ultraseek, an Enterprise Search Engine Software. This version is vulnerable to cross-site scripting and remote script injection due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server.

Solution

Upgrade to version 5.3.3 or higher

Severity

Classification

CVE CVE-2005-0514

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Tomcat source.jsp malformed request information disclosure
Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
Apache Subversion Module Metadata Accessible
Apache Open For Business HTML injection vulnerability
Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability

Verity Ultraseek search request XSS

Take action and discover your vulnerabilities