Lucene search

[email protected]NVD:CVE-2005-3761

HistoryNov 22, 2005 - 11:03 p.m.

CVE-2005-3761

2005-11-2223:03:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

65.9%

JSON

Cross-site scripting (XSS) vulnerability in Exponent CMS 0.96.3 and later versions allows remote attackers to inject arbitrary web script or HTML via (1) Javascript in forms produced by the form generator or (2) the parameters to the installer.

Affected configurations

Nvd

Node

exponentexponentMatch0.94

exponentexponentMatch0.95

exponentexponentMatch0.96.1

exponentexponentMatch0.96.3

exponentexponentMatch0.96.4

VendorProductVersionCPE
exponentexponent0.94cpe:2.3:a:exponent:exponent:0.94:*:*:*:*:*:*:*
exponentexponent0.95cpe:2.3:a:exponent:exponent:0.95:*:*:*:*:*:*:*
exponentexponent0.96.1cpe:2.3:a:exponent:exponent:0.96.1:*:*:*:*:*:*:*
exponentexponent0.96.3cpe:2.3:a:exponent:exponent:0.96.3:*:*:*:*:*:*:*
exponentexponent0.96.4cpe:2.3:a:exponent:exponent:0.96.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
exponent	exponent	0.94	cpe:2.3:a:exponent:exponent:0.94:::::::*
exponent	exponent	0.95	cpe:2.3:a:exponent:exponent:0.95:::::::*
exponent	exponent	0.96.1	cpe:2.3:a:exponent:exponent:0.96.1:::::::*
exponent	exponent	0.96.3	cpe:2.3:a:exponent:exponent:0.96.3:::::::*
exponent	exponent	0.96.4	cpe:2.3:a:exponent:exponent:0.96.4:::::::*

References

secunia.com/advisories/17505

secunia.com/advisories/17655

www.securityfocus.com/archive/1/417218

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

65.9%

JSON

Related for NVD:CVE-2005-3761

cve1 cvelist1