CVE-2004-1657

2005-02-2005:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.6%

JSON

Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers.

References

marc.info/?l=bugtraq&m=109443321830050&w=2

secunia.com/advisories/12416

staff.newtelligence.net/clemensv/PermaLink.aspx?guid=69bce168-cb09-4f09-8d53-f0b97f11b198

www.securityfocus.com/bid/11086

exchange.xforce.ibmcloud.com/vulnerabilities/17174