CVE-2004-2618

2005-12-0411:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.2%

JSON

Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial ‘/’ (slash).

References

archives.neohapsis.com/archives/bugtraq/2004-03/0109.html

archives.neohapsis.com/archives/bugtraq/2004-03/0136.html

secunia.com/advisories/11122

sourceforge.net/forum/forum.php?forum_id=359660

www.autistici.org/fdonato/advisory/pws0.2.2-adv.txt

www.osvdb.org/4255

www.securityfocus.com/bid/9847

exchange.xforce.ibmcloud.com/vulnerabilities/15436