Lucene search

[email protected]CVE-2005-4670

HistoryJan 27, 2006 - 11:00 p.m.

CVE-2005-4670

2006-01-2723:00:00

[email protected]

web.nvd.nist.gov

cve-2005-4670

xss

vulnerability

citypost

automated link exchange

message.php

lnkx

web script

html

remote attackers

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

Cross-site scripting (XSS) vulnerability in message.php in CityPost Automated Link Exchange (LNKX) allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Affected configurations

NVD

Node

citypostphp_lnkxMatch52.0

CPENameOperatorVersion
citypost:php_lnkxcitypost php lnkxeq52.0

CPE	Name	Operator	Version
citypost:php_lnkx	citypost php lnkx	eq	52.0

References

secunia.com/advisories/15009

securitytracker.com/id?1013752

www.osvdb.org/15676

www.securityfocus.com/bid/13255

exchange.xforce.ibmcloud.com/vulnerabilities/20167

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for CVE-2005-4670

cvelist1 nvd1