Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet.
Software | From | Fixed in |
---|---|---|
google / mini_search_appliance | - | - |
google / search_appliance | - | - |