CVE-2004-2128

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.

Ссылки

http://marc.info/?l=bugtraq&m=107531020924977&w=2
http://secunia.com/advisories/10741
Patch
http://www.brswebweaver.com/modules.php?op=modload&name=News&file=article&sid=1
http://www.osvdb.org/3741
http://www.securityfocus.com/bid/9516
Exploit
http://www.securitytracker.com/id?1008880
https://exchange.xforce.ibmcloud.com/vulnerabilities/14977
http://marc.info/?l=bugtraq&m=107531020924977&w=2
http://secunia.com/advisories/10741
Patch
http://www.brswebweaver.com/modules.php?op=modload&name=News&file=article&sid=1
http://www.osvdb.org/3741
http://www.securityfocus.com/bid/9516
Exploit
http://www.securitytracker.com/id?1008880
https://exchange.xforce.ibmcloud.com/vulnerabilities/14977

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:brs:webweaver:1.0.7:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.007

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-qv57-gh78-cg77

github

почти 4 года назад