4.3
CVE-2005-4603
- EPSS 1.33%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:19:05
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mybulletinboard ≫ Mybulletinboard Version1.0.1
Mybulletinboard ≫ Mybulletinboard Version1.0_pr2
Mybulletinboard ≫ Mybulletinboard Version1.00_rc1
Mybulletinboard ≫ Mybulletinboard Version1.00_rc2
Mybulletinboard ≫ Mybulletinboard Version1.00_rc3
Mybulletinboard ≫ Mybulletinboard Version1.0_rc4
Mybulletinboard ≫ Mybulletinboard Version1.00_rc4
Mybulletinboard ≫ Mybulletinboard Version1.00_rc4_security_patch
Mybulletinboard ≫ Mybulletinboard Versionrc1
Mybulletinboard ≫ Mybulletinboard Versionrc2
Mybulletinboard ≫ Mybulletinboard Versionrc3
Mybulletinboard ≫ Mybulletinboard Versionrc4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.33% | 0.674 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://secunia.com/advisories/18281
http://www.vupen.com/english/advisories/2006/0012
http://securityreason.com/securityalert/310
http://www.osvdb.org/21601
http://www.securityfocus.com/archive/1/420569/100/0/threaded
http://www.securityfocus.com/bid/16096