Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-10-23T04:00:00Z
Updated: 2024-09-17T04:10:25.973Z
Reserved: 2005-10-23T00:00:00Z
Link: CVE-2005-3285
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2005-10-23T10:02:00.000
Modified: 2008-09-05T20:53:57.997
Link: CVE-2005-3285
Redhat
No data.