关键漏洞信息 漏洞详情 CVSS v3.0 Base Score: 2.8 CVE ID: CVE-2005-2453 Affected Products: - NetworkActiv Web Server 1.0 - NetworkActiv Web Server 2.0.0.6 - NetworkActiv Web Server 3.0.1.1 - NetworkActiv Web Server 3.5.13 漏洞描述 A website hosting proxy-type advertisement company web pages is found to be hosting a site vulnerable to browser-side cross-site scripting form Web site where the site is not the originating site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. 后果 Gain Access 修复措施 Upgrade to the latest version of NetworkActiv Web Server (3.5.14 or later), available from the NetworkActiv Web Server Download Web page. 外部链接 BID-14473 CVE-2005-2453 NetworkActiv Web Server Download Web page OSVDB ID: 18525