CVE-2005-4665

EPSS 1.22%
Veröffentlicht 31.12.2005 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via Javascript contained in nested, malformed BBcode url tags.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Punbb ≫ Punbb Version1.0

Punbb ≫ Punbb Version1.0.1

Punbb ≫ Punbb Version1.0_alpha

Punbb ≫ Punbb Version1.0_beta1

Punbb ≫ Punbb Version1.0_beta2

Punbb ≫ Punbb Version1.0_beta3

Punbb ≫ Punbb Version1.0_rc1

Punbb ≫ Punbb Version1.0_rc2

Punbb ≫ Punbb Version1.1

Punbb ≫ Punbb Version1.1.1

Punbb ≫ Punbb Version1.1.2

Punbb ≫ Punbb Version1.1.3

Punbb ≫ Punbb Version1.1.4

Punbb ≫ Punbb Version1.1.5

Punbb ≫ Punbb Version1.2.1

Punbb ≫ Punbb Version1.2.2

Punbb ≫ Punbb Version1.2.3

Punbb ≫ Punbb Version1.2.4

Punbb ≫ Punbb Version1.2.5

Punbb ≫ Punbb Version1.2.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.22%	0.772

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://punbb.org/changelogs/1.2.6_to_1.2.7.txt

http://secunia.com/advisories/16775

http://www.osvdb.org/19382

http://www.punbb.org/changelogs/1.2.6_to_1.2.7.txt

http://www.securityfocus.com/archive/1/422088/100/0/threaded

http://www.securityfocus.com/archive/1/422267/100/0/threaded

http://www.securityfocus.com/bid/14808

Patch

http://www.vupen.com/english/advisories/2005/1708

https://exchange.xforce.ibmcloud.com/vulnerabilities/22234

https://nvd.nist.gov/vuln/detail/CVE-2005-4665

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-4665

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-4665

EUVD