CVE-2005-4375

Description

Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376.

Affected products

• box_uk / amaxus3

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/18004
• MISChttp://www.securityfocus.com/bid/15936
• MISChttp://www.osvdb.org/21821
• MISChttp://pridels0.blogspot.com/2005/12/amaxus-vuln.html
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2005/2972