CVE-2005-4433

Опубликовано: 21 дек. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in search.php in Esselbach Storyteller CMS 1.8 allows remote attackers to inject arbitrary web script or HTML via the query parameter, which is used by the Search field.

Ссылки

http://pridels0.blogspot.com/2005/12/esselbach-storyteller-cms-xss-vuln.html
http://secunia.com/advisories/18130
Vendor Advisory
http://www.osvdb.org/21787
http://www.securityfocus.com/bid/15945
http://www.vupen.com/english/advisories/2005/2985
http://pridels0.blogspot.com/2005/12/esselbach-storyteller-cms-xss-vuln.html
http://secunia.com/advisories/18130
Vendor Advisory
http://www.osvdb.org/21787
http://www.securityfocus.com/bid/15945
http://www.vupen.com/english/advisories/2005/2985

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:esselbach_internet_solutions:esselbach_storyteller_cms:1.8:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00427

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-xjq6-gc34-j23x

github

почти 4 года назад