Lucene search

[email protected]NVD:CVE-2005-4407

HistoryDec 20, 2005 - 11:03 a.m.

CVE-2005-4407

2005-12-2011:03:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

53.9%

JSON

Cross-site scripting (XSS) vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) content and (2) criteria parameters.

Affected configurations

Nvd

Node

tmc_visionpoolmercury_cmsRange≤4.0

VendorProductVersionCPE
tmc_visionpoolmercury_cms*cpe:2.3:a:tmc_visionpool:mercury_cms:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tmc_visionpool	mercury_cms	*	cpe:2.3:a:tmc_visionpool:mercury_cms::::::::

References

pridels0.blogspot.com/2005/12/mercury-cms-vuln.html

www.osvdb.org/21863

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

53.9%

JSON

Related for NVD:CVE-2005-4407

cve1 cvelist1