Published:2005/06/10 Last Updated:2008/05/21
JVN#7B700088
SFS cross-site scripting vulnerability
Overview
A cross-site scripting vulnerability exists in SFS (Server-type Filtering System) provided by the New Media Development Association.
Products Affected
- SFS Version 3.02
Description
Impact
When SFS is used for web browsing and a browsing request is filtered, an arbitrary script could be executed on the user's web browser. This may allow a remote attacker to steal cookie information from a website.
Solution
References
JPCERT/CC Addendum
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2005-000774 |