Arbitrary Web Script Injection Vulnerability in Magic Book Personal and Professional 2.0

Arbitrary Web Script Injection Vulnerability in Magic Book Personal and Professional 2.0

CVE-2005-4177 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote attackers to inject arbitrary web script or HTML via the StartRow parameter.

Learn more about our Web App Pen Testing.