Description
Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded q parameter.
Affected products
References
- MISChttp://securitytracker.com/id?1017317
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/30647
- MISChttp://sla.ckers.org/forum/read.php?3%2C3109
- VENDOR_ADVISORYhttp://secunia.com/advisories/23239
- MISChttp://www.kb.cert.org/vuls/id/989144
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4789
- MISChttp://www.securityfocus.com/bid/21438