4.3
CVE-2005-2416
- EPSS 1.8%
- Veröffentlicht 03.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Astalavista It Engineering ≫ Contrexx Version <= 1.0.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.8% | 0.757 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://marc.info/?l=bugtraq&m=112206702015439&w=2
http://secunia.com/advisories/16169
http://securitytracker.com/id?1014554
http://www.hardened-php.net/advisory_112005.59.html
http://www.securityfocus.com/bid/14352
http://www.osvdb.org/18168
http://www.osvdb.org/18169
https://exchange.xforce.ibmcloud.com/vulnerabilities/21484
https://exchange.xforce.ibmcloud.com/vulnerabilities/21487