Lucene search

MitreCVE-2005-0949

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0949

2005-05-0204:00:00

mitre

web.nvd.nist.gov

cve-2005-0949

cross-site scripting

xss

iatek portalapp

content.asp

web script

html

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter.

Affected configurations

Nvd

Node

iatekportalapp

VendorProductVersionCPE
iatekportalapp*cpe:2.3:a:iatek:portalapp:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iatek	portalapp	*	cpe:2.3:a:iatek:portalapp::::::::

References

icis.digitalparadox.org/~dcrab/portalapp.txt

marc.info/?l=bugtraq&m=111213291118273&w=2

secunia.com/advisories/14749

securitytracker.com/id?1013591

www.securityfocus.com/bid/12936

exchange.xforce.ibmcloud.com/vulnerabilities/19891

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

JSON

Related for CVE-2005-0949