Cross site scripting in chcounter 3.1.3
Cross site scripting describes attacks that allow to insert malicious
chcounter is some free software php script for website statistics. The
There's no vendor fix.
Vendor has been contacted 2007-03-11 and has not answered yet.
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2007-1871 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org/), which standardizes names for
Credits and copyright:
This vulnerability was discovered by Hanno Boeck of schokokeks.org
It's licensed creative commons attribution:
Hanno Boeck, 2007-04-12, www.hboeck.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.3 (GNU/Linux)
-----END PGP SIGNATURE-----