7 lines
No EOL
628 B
Text
7 lines
No EOL
628 B
Text
source: http://www.securityfocus.com/bid/5199/info
|
|
|
|
Fluid Dynamics Search Engine is a search application for local and remote web sites, and is designed to work in most UNIX and Microsoft Windows environments. Fluid Dynamics Search Engine and is maintained by Zoltan Milosevic.
|
|
|
|
It is possible for attackers to construct a URL that will cause scripting code to be embedded in a search results page. As a result, when an innocent user follows such a link, the script code will execute within the context of the hosted site.
|
|
|
|
http://www.xav.com/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&Rank=<br><h1>XSS</h1> |