Описание
Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-4521
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53773
- http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss
- http://secunia.com/advisories/37025
- http://www.osvdb.org/58941
- http://www.securityfocus.com/archive/1/507172/100/0/threaded
- http://www.securityfocus.com/bid/36674
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.