Verity Ultraseek Search Request XSS Network Vulnerability

Summary

The remote host runs Verity Ultraseek, an Enterprise Search Engine Software. This version is vulnerable to cross-site scripting and remote script injection due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server.

Solution

Upgrade to version 5.3.3 or higher

Severity

Classification

CVE CVE-2005-0514
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
Adobe JRun Management Console Multiple Vulnerabilities
Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
Apache Web Server ETag Header Information Disclosure Weakness

Verity Ultraseek search request XSS

Take action and discover your vulnerabilities