CVE-2004-2072

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter.

Ссылки

http://www.securityfocus.com/bid/9588
Exploit
http://www.systemsecure.org/advisories/ssadvisory06022004.php
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/15062
http://www.securityfocus.com/bid/9588
Exploit
http://www.systemsecure.org/advisories/ssadvisory06022004.php
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/15062

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mambo:mambo_open_source:4.6:*:cvs:*:*:*:*:*

EPSS

Процентиль: 66%

0.00524

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-mrr4-jgcv-g6xx

github

почти 4 года назад