4.3
CVE-2005-4574
- EPSS 1.74%
- Veröffentlicht 29.12.2005 11:03:00
- Zuletzt bearbeitet 16.06.2026 22:19:02
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Paperthin ≫ Commonspot Content Server Version <= 4.5
Paperthin ≫ Commonspot Content Server Version2.5
Paperthin ≫ Commonspot Content Server Version3.0
Paperthin ≫ Commonspot Content Server Version3.2
Paperthin ≫ Commonspot Content Server Version4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.74% | 0.748 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html
http://secunia.com/advisories/18257
http://www.osvdb.org/21931
http://www.securityfocus.com/bid/16071
https://exchange.xforce.ibmcloud.com/vulnerabilities/23864