CVE-2004-1645

Опубликовано: 30 авг. 2004

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x.

Ссылки

http://marc.info/?l=bugtraq&m=109394018411394&w=2
http://secunia.com/advisories/12418
Exploit
Vendor Advisory
http://www.gulftech.org/?node=research&article_id=00047-08302004
http://www.securityfocus.com/bid/11071
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17166
http://marc.info/?l=bugtraq&m=109394018411394&w=2
http://secunia.com/advisories/12418
Exploit
Vendor Advisory
http://www.gulftech.org/?node=research&article_id=00047-08302004
http://www.securityfocus.com/bid/11071
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17166

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jerod_moemeka:xedus:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00891

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-q78g-73j3-mh33

github

почти 4 года назад