Lucene search

[email protected]NVD:CVE-2003-1554

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1554

2003-12-3105:00:00

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.5%

JSON

Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.

Affected configurations

NVD

Node

scoznetscozbookMatch1.1_beta

References

secunia.com/advisories/8476

securityreason.com/securityalert/3781

www.securityfocus.com/archive/1/316747/30/25280/threaded

www.securityfocus.com/bid/7235

www.securitytracker.com/id?1006413

exchange.xforce.ibmcloud.com/vulnerabilities/11658

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.5%

JSON

Related for NVD:CVE-2003-1554

cve1 cvelist1 nessus1