Cross-site scripting (XSS) vulnerability in Zwiki standard_error_message.dtml allows remote code injection via a malformed URL

Cross-site scripting (XSS) vulnerability in Zwiki standard_error_message.dtml allows remote code injection via a malformed URL

CVE-2004-1075 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which is not properly cleansed when generating an error message.

Learn more about our Web App Pen Testing.