CVE-2004-2245

Medium

4.3/10

Summary

Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Dec 31, 2004

CVE-2004-2245

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS