CVE-2004-1645

Sažetak

Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x.

Reference

http://marc.info/?l=bugtraq&m=109394018411394&w=2
http://secunia.com/advisories/12418
http://www.gulftech.org/?node=research&article_id=00047-08302004
http://www.securityfocus.com/bid/11071
https://exchange.xforce.ibmcloud.com/vulnerabilities/17166

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:31

Objavljeno

30-08-2004 - 04:00