Lucene search

[email protected]CVE-2004-0319

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0319

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0319

cross-site scripting

xss

vulnerability

ezboard 7.3u

remote attackers

arbitrary script

6.9 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.7%

JSON

Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument.

CPENameOperatorVersion
ezboard:ezboardezboardeq7.3u

CPE	Name	Operator	Version
ezboard:ezboard	ezboard	eq	7.3u

References

marc.info/?l=bugtraq&m=107756639427140&w=2

www.securityfocus.com/bid/9725

exchange.xforce.ibmcloud.com/vulnerabilities/15287

6.9 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.7%

JSON