Lucene search

[email protected]CVE-2004-0314

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0314

2004-11-2305:00:00

[email protected]

web.nvd.nist.gov

cve-2004-0314

cross-site scripting

xss vulnerability

webzedit

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.7%

JSON

Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attackers to execute arbitrary script as other users via the message parameter.

Affected configurations

NVD

Node

freewebswebzeditRange≤1.9

CPENameOperatorVersion
freewebs:webzeditfreewebs webzeditle1.9

CPE	Name	Operator	Version
freewebs:webzedit	freewebs webzedit	le	1.9

References

marc.info/?l=bugtraq&m=107757029514146&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/15289

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.7%

JSON

Related for CVE-2004-0314

cvelist1 nvd1