Lucene search

K
cve[email protected]CVE-2004-2072
HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2072

2004-12-3105:00:00
NVD-CWE-Other
web.nvd.nist.gov
23
mambo
open source
xss
vulnerability
security
index.php
itemid
remote attackers
execute script

6.4 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.1%

Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter.

6.4 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.1%

Related for CVE-2004-2072