Cross-site scripting (XSS) vulnerability in search/search.cgi in an unspecified KCScripts script, probably Search Engine or Site Search, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the q parameter.
References
Configurations
History
No history.
Information
Published : 2006-04-21 10:02
Updated : 2024-02-04 16:52
NVD link : CVE-2006-1969
Mitre link : CVE-2006-1969
CVE.ORG link : CVE-2006-1969
JSON object : View
Products Affected
kcscripts
- portal_pack
CWE