CVE-2004-2355 - Roundabout Whitey

Description

Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session.

Reference

http://archives.neohapsis.com/archives/bugtraq/2004-06/0054.html http://www.craftysyntax.com/CHANGELOG.txt http://www.securityfocus.com/bid/10463 http://secunia.com/advisories/11789 http://www.osvdb.org/6744 https://exchange.xforce.ibmcloud.com/vulnerabilities/16321