Lucene search

[email protected]CVE-2005-1227

HistoryApr 20, 2005 - 4:00 a.m.

CVE-2005-1227

2005-04-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2005

1227

cross-site scripting

xss

phprojekt

web script

html

6.3 Medium

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%

JSON

Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatroom text submission form.

CPENameOperatorVersion
phprojekt:phprojektphprojekteq4.2

CPE	Name	Operator	Version
phprojekt:phprojekt	phprojekt	eq	4.2

References

marc.info/?l=bugtraq&m=111402374504496&w=2

secunia.com/advisories/15039

www.osvdb.org/15720

exchange.xforce.ibmcloud.com/vulnerabilities/20212

6.3 Medium

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%

JSON

Related for CVE-2005-1227

cvelist1