Vulnerabilities
Vulnerable Software
Lycos:  >> Htmlgear Guestgear  Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Lycos Tripod htmlGEAR guestGEAR (aka Guest Gear) allows remote attackers to inject arbitrary web script or HTML via a guestbook post containing a javascript URI in the SRC attribute of the BR element after an extra "iframe" tagname within that element, followed by a double ">", which might bypass cleansing operations.
CVSS Score
6.8
EPSS Score
0.004
Published
2006-06-05
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
CVSS Score
4.3
EPSS Score
0.004
Published
2003-04-02


Contact Us

Shodan ® - All rights reserved