Lucene search

[email protected]CVE-2004-1867

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1867

2005-05-1004:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1867

xss

guest.cgi

fresh guest book

web script

html

name field

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to inject arbitrary web script or HTML via the Name field.

Affected configurations

NVD

Node

web_freshfresh_guest_bookMatch1.0

web_freshfresh_guest_bookMatch2.0

web_freshfresh_guest_bookMatch2.1

CPENameOperatorVersion
web_fresh:fresh_guest_bookweb fresh fresh guest bookeq1.0
web_fresh:fresh_guest_bookweb fresh fresh guest bookeq2.0
web_fresh:fresh_guest_bookweb fresh fresh guest bookeq2.1

CPE	Name	Operator	Version
web_fresh:fresh_guest_book	web fresh fresh guest book	eq	1.0
web_fresh:fresh_guest_book	web fresh fresh guest book	eq	2.0
web_fresh:fresh_guest_book	web fresh fresh guest book	eq	2.1

References

marc.info/?l=bugtraq&m=108057935827431&w=2

www.securityfocus.com/bid/9995

exchange.xforce.ibmcloud.com/vulnerabilities/15649

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

Related for CVE-2004-1867

nvd1 cvelist1