Unrated severityNVD Advisory· Published Nov 22, 2005· Updated Jun 16, 2026
CVE-2005-3754
CVE-2005-3754
Description
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message.
Affected products
3cpe:2.3:h:google:mini_search_appliance:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:google:mini_search_appliance:*:*:*:*:*:*:*:*
- (no CPE)
- cpe:2.3:h:google:search_appliance:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- www.osvdb.org/20978nvdPatch
- www.securityfocus.com/bid/15509nvdPatch
- securitytracker.com/idnvdExploitPatchVendor Advisory
- metasploit.com/research/vulns/google_proxystylesheet/nvdVendor Advisory
- secunia.com/advisories/17644nvdVendor Advisory
- www.securityfocus.com/archive/1/417310/30/0/threadednvd
- www.vupen.com/english/advisories/2005/2500nvd
News mentions
0No linked articles in our index yet.