Lucene search
HistoryDec 31, 2004 - 5:00 a.m.
CVE-2004-1837
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.9%
Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings.
Affected configurations
Node
joel_palmiusmod_surveyMatch3.0.0
ORjoel_palmiusmod_surveyMatch3.0.1
ORjoel_palmiusmod_surveyMatch3.0.2
ORjoel_palmiusmod_surveyMatch3.0.3
ORjoel_palmiusmod_surveyMatch3.0.4
ORjoel_palmiusmod_surveyMatch3.0.5
ORjoel_palmiusmod_surveyMatch3.0.6
ORjoel_palmiusmod_surveyMatch3.0.9
ORjoel_palmiusmod_surveyMatch3.0.10
ORjoel_palmiusmod_surveyMatch3.0.11
ORjoel_palmiusmod_surveyMatch3.0.12
ORjoel_palmiusmod_surveyMatch3.0.13
ORjoel_palmiusmod_surveyMatch3.0.14
ORjoel_palmiusmod_surveyMatch3.0.14d
ORjoel_palmiusmod_surveyMatch3.0.14e
ORjoel_palmiusmod_surveyMatch3.0.15
ORjoel_palmiusmod_surveyMatch3.0.15_pre1
ORjoel_palmiusmod_surveyMatch3.0.15_pre2
ORjoel_palmiusmod_surveyMatch3.0.15_pre3
ORjoel_palmiusmod_surveyMatch3.0.15_pre4
ORjoel_palmiusmod_surveyMatch3.0.15_pre5
ORjoel_palmiusmod_surveyMatch3.0.15_pre6
ORjoel_palmiusmod_surveyMatch3.0.16_pre1
ORjoel_palmiusmod_surveyMatch3.2.0_pre1
ORjoel_palmiusmod_surveyMatch3.2.0_pre2
ORjoel_palmiusmod_surveyMatch3.2.0_pre3
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.9%
Related for NVD:CVE-2004-1837