Arbitrary JavaScript Injection via Proxystylesheet Variable in Google Mini Search Appliance
CVE-2005-3758 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet.
Learn more about our Web App Pen Testing.