Lucene search
Japan Vulnerability NotesJVN:38138980HistoryAug 04, 2005 - 12:00 a.m.
JVN#38138980 Hiki cross-site scripting vulnerability
2005-08-0400:00:00
Japan Vulnerability Notes
jvn.jp
14
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.0%
Impact
A remote attacker could create a content containing attacking code and take over a session by stealing the session ID of the user who logged into the system. If the user logged into the system as the administrator, the remote attacker could manipulate configurations.
Solution
Products Affected
- Hiki 0.8.0 - 0.8.2
Related
debiancve
debiancve
CVE-2005-2336
2005-09-06 21:03:00
CVE-2005-2803
2005-09-06 21:03:00
cve
cve
CVE-2005-2336
2005-09-06 21:03:00
CVE-2005-2803
2005-09-06 21:03:00
cvelist
cvelist
CVE-2005-2803
2005-09-06 04:00:00
CVE-2005-2336
2005-09-06 04:00:00
nvd
nvd
CVE-2005-2803
2005-09-06 21:03:00
CVE-2005-2336
2005-09-06 21:03:00
ubuntucve
ubuntucve
CVE-2005-2336
2005-09-06 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.0%
Related for JVN:38138980