Lucene search

MitreCVE-2004-2207

HistoryJul 10, 2005 - 4:00 a.m.

CVE-2004-2207

2005-07-1004:00:00

mitre

web.nvd.nist.gov

cve

2004

2207

cross-site scripting

xss

vulnerability

ideal science idealbb

web script

html

remote attackers

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

65.7%

JSON

Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Affected configurations

Nvd

Node

ideal_scienceidealbbMatch1.4.9

ideal_scienceidealbbMatch1.4.9_beta

ideal_scienceidealbbMatch1.4.9a

ideal_scienceidealbbMatch1.5.1

ideal_scienceidealbbMatch1.5.2

ideal_scienceidealbbMatch1.5.2a

ideal_scienceidealbbMatch1.5.2c

ideal_scienceidealbbMatch1.5.3

ideal_scienceidealbbMatch1.5_beta1

ideal_scienceidealbbMatch1.5_beta2

ideal_scienceidealbbMatch1.5_beta3

ideal_scienceidealbbMatch1.5_beta4

ideal_scienceidealbbMatch1.5_beta5

ideal_scienceidealbbMatch1.5_rc1

VendorProductVersionCPE
ideal_scienceidealbb1.4.9cpe:2.3:a:ideal_science:idealbb:1.4.9:*:*:*:*:*:*:*
ideal_scienceidealbb1.4.9_betacpe:2.3:a:ideal_science:idealbb:1.4.9_beta:*:*:*:*:*:*:*
ideal_scienceidealbb1.4.9acpe:2.3:a:ideal_science:idealbb:1.4.9a:*:*:*:*:*:*:*
ideal_scienceidealbb1.5.1cpe:2.3:a:ideal_science:idealbb:1.5.1:*:*:*:*:*:*:*
ideal_scienceidealbb1.5.2cpe:2.3:a:ideal_science:idealbb:1.5.2:*:*:*:*:*:*:*
ideal_scienceidealbb1.5.2acpe:2.3:a:ideal_science:idealbb:1.5.2a:*:*:*:*:*:*:*
ideal_scienceidealbb1.5.2ccpe:2.3:a:ideal_science:idealbb:1.5.2c:*:*:*:*:*:*:*
ideal_scienceidealbb1.5.3cpe:2.3:a:ideal_science:idealbb:1.5.3:*:*:*:*:*:*:*
ideal_scienceidealbb1.5_beta1cpe:2.3:a:ideal_science:idealbb:1.5_beta1:*:*:*:*:*:*:*
ideal_scienceidealbb1.5_beta2cpe:2.3:a:ideal_science:idealbb:1.5_beta2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ideal_science	idealbb	1.4.9	cpe:2.3:a:ideal_science:idealbb:1.4.9:::::::*
ideal_science	idealbb	1.4.9_beta	cpe:2.3:a:ideal_science:idealbb:1.4.9_beta:::::::*
ideal_science	idealbb	1.4.9a	cpe:2.3:a:ideal_science:idealbb:1.4.9a:::::::*
ideal_science	idealbb	1.5.1	cpe:2.3:a:ideal_science:idealbb:1.5.1:::::::*
ideal_science	idealbb	1.5.2	cpe:2.3:a:ideal_science:idealbb:1.5.2:::::::*
ideal_science	idealbb	1.5.2a	cpe:2.3:a:ideal_science:idealbb:1.5.2a:::::::*
ideal_science	idealbb	1.5.2c	cpe:2.3:a:ideal_science:idealbb:1.5.2c:::::::*
ideal_science	idealbb	1.5.3	cpe:2.3:a:ideal_science:idealbb:1.5.3:::::::*
ideal_science	idealbb	1.5_beta1	cpe:2.3:a:ideal_science:idealbb:1.5_beta1:::::::*
ideal_science	idealbb	1.5_beta2	cpe:2.3:a:ideal_science:idealbb:1.5_beta2:::::::*

Rows per page:

1-10 of 141

References

www.maxpatrol.com/advdetails.asp?id=14

www.maxpatrol.com/mp_advisory.asp

www.securityfocus.com/bid/11424

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

65.7%

JSON

Related for CVE-2004-2207