Lucene search

[email protected]CVE-2003-1136

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2003-1136

2005-05-1004:00:00

[email protected]

web.nvd.nist.gov

cve-2003-1136

cross-site scripting

xss

chi kien uong

guestbook 1.51

vulnerability

remote attackers

web script

html

javascript

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL.

Affected configurations

NVD

Node

chi_kien_uongchi_kien_uong_guestbookMatch1.51

CPENameOperatorVersion
chi_kien_uong:chi_kien_uong_guestbookchi kien uong chi kien uong guestbookeq1.51

CPE	Name	Operator	Version
chi_kien_uong:chi_kien_uong_guestbook	chi kien uong chi kien uong guestbook	eq	1.51

References

secunia.com/advisories/10080

securitytracker.com/id?1008006

www.osvdb.org/2718

www.securityfocus.com/archive/1/342475

www.securityfocus.com/bid/8895

www.securityfocus.com/bid/8896

exchange.xforce.ibmcloud.com/vulnerabilities/13522

exchange.xforce.ibmcloud.com/vulnerabilities/13523

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

Related for CVE-2003-1136

nvd1 cvelist1