Lucene search

[email protected]CVE-2005-4361

HistoryDec 20, 2005 - 1:03 a.m.

CVE-2005-4361

2005-12-2001:03:00

[email protected]

web.nvd.nist.gov

cve-2005-4361

cross-site scripting

xss

magnolia content management suite

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

Cross-site scripting (XSS) vulnerability in search.html in Magnolia Content Management Suite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter.

Affected configurations

NVD

Node

magnoliacontent_management_suiteMatch2.1

CPENameOperatorVersion
magnolia:content_management_suitemagnolia content management suiteeq2.1

CPE	Name	Operator	Version
magnolia:content_management_suite	magnolia content management suite	eq	2.1

References

pridels0.blogspot.com/2005/12/magnolia-xss-vuln.html

secunia.com/advisories/18104

www.osvdb.org/21795

www.securityfocus.com/bid/15954

www.vupen.com/english/advisories/2005/2989

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

Related for CVE-2005-4361

nvd1 cvelist1