Unrated severityNVD Advisory· Published Nov 22, 2005· Updated Apr 16, 2026

CVE-2005-3754

Description

Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message.

Affected products

Google/Mini Search Appliance
cpe:2.3:h:google:mini_search_appliance:*:*:*:*:*:*:*:*
Google/Search Appliance
cpe:2.3:h:google:search_appliance:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.osvdb.org/20978nvdPatch
www.securityfocus.com/bid/15509nvdPatch
securitytracker.com/idnvdExploitPatchVendor Advisory
metasploit.com/research/vulns/google_proxystylesheet/nvdVendor Advisory
secunia.com/advisories/17644nvdVendor Advisory
www.securityfocus.com/archive/1/417310/30/0/threadednvd
www.vupen.com/english/advisories/2005/2500nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000