Lucene search

[email protected]NVD:CVE-2005-4305

HistoryDec 17, 2005 - 12:03 a.m.

CVE-2005-4305

2005-12-1700:03:00

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page.

Affected configurations

NVD

Node

edgewall_softwaretracMatch0.9

edgewall_softwaretracMatch0.9.1

edgewall_softwaretracMatch0.9.2

References

projects.edgewall.com/trac/wiki/ChangeLog

secunia.com/advisories/18048

secunia.com/advisories/18625

securitytracker.com/id?1015363

www.gentoo.org/security/en/glsa/glsa-200601-12.xml

www.securityfocus.com/bid/16386

www.vupen.com/english/advisories/2005/2936

exchange.xforce.ibmcloud.com/vulnerabilities/23775

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Related for NVD:CVE-2005-4305

cve1 ubuntucve1 openvas4 gentoo1 cvelist1 nessus2 debiancve1 freebsd1