Cross-site Scripting Vulnerability in Novell iChain Web Products
CVE-2004-2757

Currently unrated

Key Information:

Vendor: Novell
Status: Ichain
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-2757?

A cross-site scripting (XSS) vulnerability exists in the failed login page of Novell iChain prior to versions 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS). This flaw allows remote attackers to inject arbitrary web scripts or HTML through manipulated URL parameters, potentially compromising user data and security. Exploitation of this vulnerability can lead to unauthorized access and manipulation of web content, posing significant risks to users interacting with the affected product.

References

http://secunia.com/advisories/10653

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/14873

vdb-entryx_refsource_XF

http://support.novell.com/cgi-bin/search/searchtid.cgi?/1...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Nov 19, 2007
Vulnerability published
Dec 31, 2004