Lucene search

[email protected]NVD:CVE-2005-4785

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-4785

2005-12-3105:00:00

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author (“your name”) and (2) “comment” section.

Affected configurations

NVD

Node

jl_webworksquickbloggerMatch1.4

References

archives.neohapsis.com/archives/fulldisclosure/2005-07/0090.html

exploitlabs.com/files/advisories/EXPL-A-2005-011-quickblogger.txt

secunia.com/advisories/15942

securitytracker.com/id?1014386

www.securityfocus.com/bid/14152

www.vupen.com/english/advisories/2005/0987

exchange.xforce.ibmcloud.com/vulnerabilities/21244

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for NVD:CVE-2005-4785

cvelist1 cve1