- Home
- CVEs with nessus.description==The remote Windows host is affected by an elevation of privilege vulnerability in the Universal Description, Discovery, and Integration (UDDI) Services component due to improper validation and sanitization of user-supplied input to the 'searchID' parameter of the 'explorer' frame in frames.aspx. A remote attacker can exploit this vulnerability by submitting a specially crafted URL to a target site, resulting in the execution of arbitrary script code in the context of the current user.
Note: During testing it was discovered that BizTalk configurations running on Windows versions not specified in the bulletin were also impacted. Therefore, this plugin checks the vulnerability state of the cross-site scripting flaw and not the specific OS variant.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top