Lucene search

FreeBSD84479A62-CA5F-11D9-B772-000C29B00E99

HistoryMay 19, 2005 - 12:00 a.m.

fswiki -- XSS problem in file upload form

2005-05-1900:00:00

vuxml.freebsd.org

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

53.7%

JSON

A Secunia security advisory reports:

A vulnerability has been reported in FreeStyle Wiki and
FSWikiLite, which can be exploited by malicious people to
conduct script insertion attacks.
Input passed in uploaded attachments is not properly
sanitised before being used. This can be exploited to inject
arbitrary HTML and script code, which will be executed in a
user’s browser session in context of an affected site when
the malicious attachment is viewed.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfswiki<= 3.5.6UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	fswiki	<= 3.5.6	UNKNOWN

References

fswiki.poi.jp/wiki.cgi?page=%CD%FA%CE%F2%2F2005%2D5%2D19

jvn.jp/jp/JVN%23465742E4/index.html

secunia.com/advisories/15538

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

53.7%

JSON

Related for 84479A62-CA5F-11D9-B772-000C29B00E99