CVE-2004-1939

2005-05-1004:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.5%

JSON

Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.

References

marc.info/?l=bugtraq&m=108241507812681&w=2

secunia.com/advisories/11388

www.securiteam.com/windowsntfocus/5EP0I15CKK.html

www.securityfocus.com/bid/10139

exchange.xforce.ibmcloud.com/vulnerabilities/15858