4.3
CVE-2005-3967
- EPSS 1.21%
- Veröffentlicht 03.12.2005 19:03:00
- Zuletzt bearbeitet 16.06.2026 22:17:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote attackers to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Atlassian ≫ Confluence Version2.0.1_build_321
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.21% | 0.644 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2005/12/confluence-enterprise-wiki-xss-vuln.html
http://secunia.com/advisories/17833
http://www.osvdb.org/21377
http://www.securityfocus.com/bid/15688
http://www.vupen.com/english/advisories/2005/2691