ID de Prueba:	1.3.6.1.4.1.25623.1.0.16058
Categoría:	Web application abuses
Título:	YaCy Peer-To-Peer Search Engine XSS
Resumen:	The remote host contains a peer-to-peer search engine that is prone to;cross-site scripting attacks.;;Description :;;The remote host runs YaCy, a peer-to-peer distributed web search;engine and caching web proxy.;;The remote version of this software is vulnerable to multiple;cross-site scripting due to a lack of sanitization of user-supplied;data.;;Successful exploitation of this issue may allow an attacker to use the;remote server to perform an attack against a third-party user.
Descripción:	Summary: The remote host contains a peer-to-peer search engine that is prone to cross-site scripting attacks. Description : The remote host runs YaCy, a peer-to-peer distributed web search engine and caching web proxy. The remote version of this software is vulnerable to multiple cross-site scripting due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to use the remote server to perform an attack against a third-party user. Solution: Upgrade to YaCy 0.32 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2651 BugTraq ID: 12104 http://www.securityfocus.com/bid/12104 Bugtraq: 20041224 XSS in yacy 0.31 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-12/0413.html http://www.osvdb.org/12629 http://www.osvdb.org/12630 http://securitytracker.com/id?1012686 XForce ISS Database: yacy-index-xss(18688) https://exchange.xforce.ibmcloud.com/vulnerabilities/18688 XForce ISS Database: yacy-wiki-xss(18690) https://exchange.xforce.ibmcloud.com/vulnerabilities/18690
Copyright	Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.