|Category:||Web application abuses|
|Title:||YaCy Peer-To-Peer Search Engine XSS|
|Summary:||Checks for YaCy Peer-To-Peer Search Engine XSS|
The remote host contains a peer-to-peer search engine that is prone to
cross-site scripting attacks.
The remote host runs YaCy, a peer-to-peer distributed web search
engine and caching web proxy.
The remote version of this software is vulnerable to multiple
cross-site scripting due to a lack of sanitization of user-supplied
Successful exploitation of this issue may allow an attacker to use the
remote server to perform an attack against a third-party user.
See also :
Upgrade to YaCy 0.32 or later.
BugTraq ID: 12104|
Common Vulnerability Exposure (CVE) ID: CVE-2004-2651
Bugtraq: 20041224 XSS in yacy 0.31 (Google Search)
XForce ISS Database: yacy-index-xss(18688)
XForce ISS Database: yacy-wiki-xss(18690)
|Copyright||This script is Copyright (C) 2004 David Maciejak|
|This is only one of 39087 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.