Lucene search

[email protected]CVE-2005-2855

HistorySep 08, 2005 - 10:03 a.m.

CVE-2005-2855

2005-09-0810:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2855

cross-site scripting

xss

unclassified newsboard

nvd

security vulnerability

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.065 Low

EPSS

Percentile

93.6%

JSON

Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the description field.

CPENameOperatorVersion
unclassified_newsboard:unclassified_newsboardunclassified newsboardeq1.5.3

CPE	Name	Operator	Version
unclassified_newsboard:unclassified_newsboard	unclassified newsboard	eq	1.5.3

References

marc.info/?l=bugtraq&m=112605049014473&w=2

packetstormsecurity.org/0509-exploits/unb153.html

secunia.com/advisories/16726

www.osvdb.org/19239

www.securityfocus.com/bid/14748

www.vupen.com/english/advisories/2005/1665

exchange.xforce.ibmcloud.com/vulnerabilities/22172

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.065 Low

EPSS

Percentile

93.6%

JSON

Related for CVE-2005-2855

cve1