Lucene search
HistoryMar 30, 2005 - 5:00 a.m.
CVE-2005-0487
cve-2005-0487
cross-site scripting
xss
kayako esupport
security vulnerability
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.9%
Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitrary HTML and web script via the nav parameter.
Affected configurations
Node
kayakoesupportMatch2.3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| kayako:esupport | kayako esupport | eq | 2.3.1 |
Related
cvelist
cvelist
CVE-2005-0487
2005-02-19 05:00:00
CVE-2007-1145
2007-02-27 18:00:00
nessus
nessus
Kayako eSupport index.php nav Parameter XSS
2005-02-16 00:00:00
nvd
nvd
CVE-2005-0487
2005-03-30 05:00:00
CVE-2007-1145
2007-03-02 21:18:00
prion
prion
Cross site scripting
2007-03-02 21:18:00
cve
cve
CVE-2007-1145
2007-03-02 21:18:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.9%
Related for CVE-2005-0487