CVE-2005-4420

Опубликовано: 20 дек. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Honeycomb Archive Enterprise 3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keyword parameter in search.cfm.

Ссылки

http://pridels0.blogspot.com/2005/12/honeycomb-archive-honeycomb-archive.html
http://secunia.com/advisories/18127
Vendor Advisory
http://www.osvdb.org/21828
http://www.securityfocus.com/bid/15995
https://exchange.xforce.ibmcloud.com/vulnerabilities/23831
http://pridels0.blogspot.com/2005/12/honeycomb-archive-honeycomb-archive.html
http://secunia.com/advisories/18127
Vendor Advisory
http://www.osvdb.org/21828
http://www.securityfocus.com/bid/15995
https://exchange.xforce.ibmcloud.com/vulnerabilities/23831

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:quicksquare_development:honeycomb_archive_enterprise:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00427

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5xqj-h7c6-6746

github

почти 4 года назад