Lucene search

K
cve[email protected]CVE-2003-0053
HistorySep 01, 2004 - 4:00 a.m.

CVE-2003-0053

2004-09-0104:00:00
web.nvd.nist.gov
23
cve-2003-0053
cross-site scripting
xss
apple darwin
streaming administration server
quicktime streaming server
remote attackers
script injection

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.8%

Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.

Affected configurations

NVD
Node
appledarwin_streaming_serverMatch4.1.2
OR
applequicktime_streaming_serverMatch4.1.1

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.8%