Lucene search

K
nvd[email protected]NVD:CVE-2005-4075
HistoryDec 08, 2005 - 1:03 a.m.

CVE-2005-4075

2005-12-0801:03:00
web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in CF_Nuke 4.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) newsid parameter in the news sector, and (3) cat parameter in the links sector.

Affected configurations

NVD
Node
mycfnukecf_nukeRange4.6
OR
mycfnukecf_nukeMatch3.0a
OR
mycfnukecf_nukeMatch4.0
OR
mycfnukecf_nukeMatch4.5

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

Related for NVD:CVE-2005-4075