CVE-2004-1512

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote attackers to execute arbitrary web script or HTML via script code in the URL, which is not quoted in the resulting default error page.

Ссылки

http://marc.info/?l=bugtraq&m=110012542615484&w=2
http://marc.info/?l=bugtraq&m=110054395311823&w=2
http://secunia.com/advisories/13159/
Vendor Advisory
http://www.security.org.sg/vuln/04webserver142.html
Patch
http://www.securityfocus.com/bid/11652
Exploit
Patch
http://www.soft3304.net/04WebServer/Security.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/18033
http://marc.info/?l=bugtraq&m=110012542615484&w=2
http://marc.info/?l=bugtraq&m=110054395311823&w=2
http://secunia.com/advisories/13159/
Vendor Advisory
http://www.security.org.sg/vuln/04webserver142.html
Patch
http://www.securityfocus.com/bid/11652
Exploit
Patch
http://www.soft3304.net/04WebServer/Security.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/18033

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:soft3304:04webserver:1.42:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00622

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3mqc-hxx7-9f8m

github

больше 3 лет назад