Lucene search
HistorySep 07, 2005 - 7:07 p.m.
CVE-2005-2816
cve-2005-2816
cross-site scripting
xss
vulnerability
greymatter
remote attackers
web script
html
log file
control panel log
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.0%
Cross-site scripting (XSS) vulnerability in Greymatter allows remote attackers to inject arbitrary web script or HTML via a post comment, which is recorded in a log file but not properly handled when the administrator uses “View Control Panel Log” to read the log file.
Affected configurations
Node
greymattergreymatter_forum
Related
openvas
openvas
Greymatter gm.cgi HTML injection flaw
2006-03-26 00:00:00
Greymatter gm.cgi HTML injection flaw
2006-03-26 00:00:00
nvd
nvd
CVE-2005-2816
2005-09-07 19:07:00
cvelist
cvelist
CVE-2005-2816
2005-09-07 04:00:00
nessus
nessus
Greymatter Comment Name Field Control Panel Log XSS
2005-09-19 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.0%
Related for CVE-2005-2816