CVE-2005-0629

Опубликовано: 01 мар. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters.

Ссылки

http://marc.info/?l=bugtraq&m=110970474726113&w=2
http://marc.info/?l=bugtraq&m=110970911514167&w=2
http://secunia.com/advisories/14434
Vendor Advisory
http://securitytracker.com/id?1013337
Vendor Advisory
http://www.securityfocus.com/bid/12693
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19546
http://marc.info/?l=bugtraq&m=110970474726113&w=2
http://marc.info/?l=bugtraq&m=110970911514167&w=2
http://secunia.com/advisories/14434
Vendor Advisory
http://securitytracker.com/id?1013337
Vendor Advisory
http://www.securityfocus.com/bid/12693
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19546

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:427bb:fourtwosevenbb:2.0:*:*:*:*:*:*:*

cpe:2.3:a:427bb:fourtwosevenbb:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:427bb:fourtwosevenbb:2.1:*:*:*:*:*:*:*

cpe:2.3:a:427bb:fourtwosevenbb:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:427bb:fourtwosevenbb:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:427bb:fourtwosevenbb:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:427bb:fourtwosevenbb:2.2:*:*:*:*:*:*:*

cpe:2.3:a:427bb:fourtwosevenbb:2.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07555

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-64vc-fw9f-73q8

github

почти 4 года назад