Lucene search

[email protected]CVE-2005-3085

HistorySep 27, 2005 - 8:03 p.m.

CVE-2005-3085

2005-09-2720:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3085

cross-site scripting

xss

riverdark studios

rss syndicator

vulnerabilities

web script

html

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

46.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters.

CPENameOperatorVersion
riverdark_studios:rss_syndicator_moduleriverdark studios rss syndicator moduleeq2.1.7

CPE	Name	Operator	Version
riverdark_studios:rss_syndicator_module	riverdark studios rss syndicator module	eq	2.1.7

References

securitytracker.com/id?1014969

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

46.6%

JSON