4.3

CVE-2004-1467

Exploit

EPSS 5.07%
Veröffentlicht 31.12.2004 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) date or search text field in the calendar module, (2) Field parameter, Filter parameter, QField parameter, Start parameter or Search field in the address module, (3) Subject field in the message module or (4) Subject field in the Ticket module.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Egroupware ≫ Egroupware Version1.0

Egroupware ≫ Egroupware Version1.0.1

Egroupware ≫ Egroupware Version1.0.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	5.07%	0.887

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://sourceforge.net/forum/forum.php?forum_id=401807

http://www.gentoo.org/security/en/glsa/glsa-200409-06.xml

Patch

http://www.securityfocus.com/archive/1/372603

Exploit

http://www.securityfocus.com/bid/11013

Patch

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/17078

https://nvd.nist.gov/vuln/detail/CVE-2004-1467

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1467

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1467

EUVD