Lucene search

[email protected]CVE-2005-1309

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1309

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1309

cross-site scripting

xss

bblog 0.7.4

vulnerability

remote attackers

web script

html

entry title field

comment body text

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.1%

JSON

Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text.

Affected configurations

NVD

Node

eaden_mckeebblogMatch0.7.4

CPENameOperatorVersion
eaden_mckee:bblogeaden mckee bblogeq0.7.4

CPE	Name	Operator	Version
eaden_mckee:bblog	eaden mckee bblog	eq	0.7.4

References

securitytracker.com/id?1013811

sourceforge.net/tracker/index.php?func=detail&aid=1188735&group_id=81992&atid=564683

www.osvdb.org/15754

www.osvdb.org/15755

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.1%

JSON

Related for CVE-2005-1309

ubuntucve1 nvd1 cvelist1 nessus1