CVE-2004-2738

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030224.html
http://marc.info/?l=bugtraq&m=110391024404947&w=2
http://secunia.com/advisories/13649
Vendor Advisory
http://securitytracker.com/id?1012677
http://www.osvdb.org/12582
http://www.securityfocus.com/bid/12103
https://exchange.xforce.ibmcloud.com/vulnerabilities/18680
http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030224.html
http://marc.info/?l=bugtraq&m=110391024404947&w=2
http://secunia.com/advisories/13649
Vendor Advisory
http://securitytracker.com/id?1012677
http://www.osvdb.org/12582
http://www.securityfocus.com/bid/12103
https://exchange.xforce.ibmcloud.com/vulnerabilities/18680

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zeroboard:zeroboard:4.1_pl2:*:*:*:*:*:*:*

cpe:2.3:a:zeroboard:zeroboard:4.1_pl3:*:*:*:*:*:*:*

cpe:2.3:a:zeroboard:zeroboard:4.1_pl4:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00535

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-6xqv-7w4h-6vqr

github

почти 4 года назад