CVE-2004-1965

Опубликовано: 25 апр. 2004

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.

Ссылки

http://marc.info/?l=bugtraq&m=108301983206107&w=2
http://secunia.com/advisories/11481
Exploit
Vendor Advisory
http://securitytracker.com/id?1009935
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/10214
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15966
http://marc.info/?l=bugtraq&m=108301983206107&w=2
http://secunia.com/advisories/11481
Exploit
Vendor Advisory
http://securitytracker.com/id?1009935
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/10214
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15966

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*

cpe:2.3:a:openbb:openbb:1.0.0_rc1:*:*:*:*:*:*:*

cpe:2.3:a:openbb:openbb:1.0.0_rc2:*:*:*:*:*:*:*

cpe:2.3:a:openbb:openbb:1.0.0_rc3:*:*:*:*:*:*:*

cpe:2.3:a:openbb:openbb:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:openbb:openbb:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:openbb:openbb:1.0.8:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00265

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4hv6-2q5x-grr5

github

почти 4 года назад