exploitDog

CVE-2005-1012

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description.

Ссылки

http://securitytracker.com/id?1013631
Exploit
http://www.zone-h.com/en/advisories/read/id=7367/
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19891
http://securitytracker.com/id?1013631
Exploit
http://www.zone-h.com/en/advisories/read/id=7367/
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19891

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iatek:siteenable:*:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00396

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-45m3-prmj-vvcc

github

почти 4 года назад

Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description.

EPSS

Процентиль: 60%

0.00396

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other