4.3
CVE-2004-1384
- EPSS 3.21%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpgroupware ≫ Phpgroupware Version0.9.12
Phpgroupware ≫ Phpgroupware Version0.9.13
Phpgroupware ≫ Phpgroupware Version0.9.14
Phpgroupware ≫ Phpgroupware Version0.9.14.003
Phpgroupware ≫ Phpgroupware Version0.9.14.005
Phpgroupware ≫ Phpgroupware Version0.9.14.006
Phpgroupware ≫ Phpgroupware Version0.9.14.007
Phpgroupware ≫ Phpgroupware Version0.9.16.000
Phpgroupware ≫ Phpgroupware Version0.9.16.002
Phpgroupware ≫ Phpgroupware Version0.9.16.003
Phpgroupware ≫ Phpgroupware Version0.9.16_rc1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.21% | 0.865 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|