CVE-2004-1849

Опубликовано: 24 мар. 2004

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.

Ссылки

http://marc.info/?l=bugtraq&m=108006627005371&w=2
http://securitytracker.com/id?1009541
Vendor Advisory
http://www.osvdb.org/4529
Vendor Advisory
http://www.osvdb.org/4530
Vendor Advisory
http://www.securityfocus.com/bid/9965
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15517
http://marc.info/?l=bugtraq&m=108006627005371&w=2
http://securitytracker.com/id?1009541
Vendor Advisory
http://www.osvdb.org/4529
Vendor Advisory
http://www.osvdb.org/4530
Vendor Advisory
http://www.securityfocus.com/bid/9965
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15517

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cpanel:cpanel:9.1:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00675

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x764-624g-c724

github

больше 3 лет назад