Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
References
Configurations
History
No history.
Information
Published : 2004-11-23 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2004-0310
Mitre link : CVE-2004-0310
CVE.ORG link : CVE-2004-0310
JSON object : View
Products Affected
livejournal
- livejournal
CWE