Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Savvy Content Manager (CM) allow remote attackers to inject arbitrary web script or HTML via the searchterms parameter to (1) searchresults.cfm, (2) search_results.cfm, and (3) search_results/index.cfm. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References 4 Total
- securityfocus.com: 28200 vdb-entry
- secunia.com: 29298 third-party-advisory
- http://www.besavvy.com/blog/index.cfm/2008/3/11/Security-Patch
- exchange.xforce.ibmcloud.com: savvy-searchterms-xss(41342) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- securityfocus.com: 28200 vdb-entryx_transferred
- secunia.com: 29298 third-party-advisoryx_transferred
- http://www.besavvy.com/blog/index.cfm/2008/3/11/Security-Patch x_transferred
- exchange.xforce.ibmcloud.com: savvy-searchterms-xss(41342) vdb-entryx_transferred