Arbitrary Web Script Injection Vulnerability in OASYS Lite 1.0 Search Function

Arbitrary Web Script Injection Vulnerability in OASYS Lite 1.0 Search Function

CVE-2005-3851 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter.

Learn more about our Web App Pen Testing.