Lucene search

[email protected]CVE-2005-2899

HistorySep 14, 2005 - 8:03 p.m.

CVE-2005-2899

2005-09-1420:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2005

2899

cross-site scripting

xss

cjtagboard

remote attacks

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in details.php in CjTagBoard 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date, (2) time, (3) name, (4) ip, (5) agent, or (6) msg parameter.

CPENameOperatorVersion
cj_design:cj_tag_boardcj design cj tag boardeq3.0

CPE	Name	Operator	Version
cj_design:cj_tag_board	cj design cj tag board	eq	3.0

References

marc.info/?l=bugtraq&m=112629507412619&w=2

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.3%

JSON