exploitDog

CVE-2005-4455

Опубликовано: 21 дек. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.

Ссылки

http://cvs.livejournal.org/browse.cgi/livejournal/cgi-bin/cleanhtml.pl
http://secunia.com/advisories/18157
Patch
Vendor Advisory
http://cvs.livejournal.org/browse.cgi/livejournal/cgi-bin/cleanhtml.pl
http://secunia.com/advisories/18157
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:livejournal:livejournal:*:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00336

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-g34c-fgmm-m32p

github

почти 4 года назад

cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.

EPSS

Процентиль: 56%

0.00336

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other