Lucene search

[email protected]CVE-2004-2119

HistoryMay 27, 2005 - 4:00 a.m.

CVE-2004-2119

2005-05-2704:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2119

cross-site scripting

xss

tiny server 1.1

url injection

remote attackers

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

Cross-site scripting (XSS) vulnerability in Tiny Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the URL.

Affected configurations

NVD

Node

tinyservertinyserverMatch1.1

CPENameOperatorVersion
tinyserver:tinyservertinyservereq1.1

CPE	Name	Operator	Version
tinyserver:tinyserver	tinyserver	eq	1.1

References

marc.info/?l=bugtraq&m=107496530806730&w=2

secunia.com/advisories/10707

www.autistici.org/fdonato/advisory/tinyServer1.1%5B1.0.5%5D-adv.txt

www.osvdb.org/3710

www.securityfocus.com/bid/9485

exchange.xforce.ibmcloud.com/vulnerabilities/14929

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

Related for CVE-2004-2119

cvelist1 nvd1