CVE-2005-2650

Опубликовано: 23 авг. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters.

Ссылки

http://packetstormsecurity.org/0508-advisories/emefaGuest.txt
Vendor Advisory
http://secunia.com/advisories/16489
Patch
Vendor Advisory
http://systemsecure.org/ssforum/viewtopic.php?t=91
Vendor Advisory
http://www.emefa.myserver.org/comp/guestview.php
Patch
http://www.securityfocus.com/bid/14599
http://packetstormsecurity.org/0508-advisories/emefaGuest.txt
Vendor Advisory
http://secunia.com/advisories/16489
Patch
Vendor Advisory
http://systemsecure.org/ssforum/viewtopic.php?t=91
Vendor Advisory
http://www.emefa.myserver.org/comp/guestview.php
Patch
http://www.securityfocus.com/bid/14599

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:emefa:emefa_guestbook:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00547

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-7hpp-q93g-7xjw

github

почти 4 года назад