Lucene search

[email protected]CVE-2005-3577

HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3577

2005-11-1607:42:00

[email protected]

web.nvd.nist.gov

cve-2005-3577

xss

ts.exe

ts.cgi

walla telesite 3.0

nvd

security vulnerability

web script

html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.1%

JSON

Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter.

Affected configurations

NVD

Node

walla_telesitewalla_telesiteRange≤3.0

CPENameOperatorVersion
walla_telesite:walla_telesitewalla telesitele3.0

CPE	Name	Operator	Version
walla_telesite:walla_telesite	walla telesite	le	3.0

References

secunia.com/advisories/17547

securitytracker.com/id?1015204

www.securityfocus.com/archive/1/416581/30/0/threaded

www.securityfocus.com/bid/15419

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.1%

JSON

Related for CVE-2005-3577

nvd1 cvelist1