Lucene search
HistoryMar 24, 2008 - 10:44 p.m.
CVE-2008-1470
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.6%
Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118.
Affected configurations
Node
rsawebidMatch5.3
Related
cve
cve
cvelist
cvelist
prion
prion
Cross site scripting
2008-03-24 22:44:00
Cross site scripting
2008-04-30 14:10:00
nvd
nvd
CVE-2008-2026
2008-04-30 14:10:00
CVE-2005-1118
2005-04-14 04:00:00
seebug
seebug
RSA认证代理登录页面IISWebAgentIF.dll跨站脚本漏洞
2008-04-25 00:00:00
openvas
openvas
RSA Security RSA Authentication Agent For Web XSS
2005-11-03 00:00:00
RSA Security RSA Authentication Agent For Web XSS
2005-11-03 00:00:00
nessus
nessus
RSA Security RSA Authentication Agent For Web For IIS XSS
2005-05-09 00:00:00
cert
cert
RSA Authentication Agent for Web fails to properly validate input
2005-06-07 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.6%
Related for NVD:CVE-2008-1470