• 日期:2004-10-20
  • 类别:
  • 作者:anonymous
  • 语法:inurl:/dana-na/auth/welcome.html
  • Neoteris Instant Virtual Extranet (IVE) has been reported prone to a cross-site scripting vulnerability.The issue presents itself, due to a lack of sufficient sanitization performed on an argument passed to an IVE CGI script. An attacker may exploit this vulnerability to hijack valid Neoteris IVE sessions.advisories: