Lucene search

MitreCVE-2005-4502

HistoryDec 22, 2005 - 9:03 p.m.

CVE-2005-4502

2005-12-2221:03:00

mitre

web.nvd.nist.gov

cve-2005-4502

cross-site scripting

xss

httprint

version v202

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.013

Percentile

85.6%

JSON

Cross-site scripting (XSS) vulnerability in httprint v202, and possibly other versions before v301, allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response, which is not sanitized before being displayed to the user.

Affected configurations

Nvd

Node

net-squarehttprintMatch202

VendorProductVersionCPE
net-squarehttprint202cpe:2.3:a:net-square:httprint:202:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
net-square	httprint	202	cpe:2.3:a:net-square:httprint:202:::::::*

References

lists.grok.org.uk/pipermail/full-disclosure/2005-December/040532.html

net-square.com/httprint/#history

secunia.com/advisories/18208

securitytracker.com/id?1015403

www.cybsec.com/vuln/CYBSEC_Security_Advisory_httprint_Multiple_Vulnerabilities.pdf

www.securityfocus.com/archive/1/420101/100/0/threaded

www.securityfocus.com/bid/16031

www.vupen.com/english/advisories/2005/3070

exchange.xforce.ibmcloud.com/vulnerabilities/23885

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.013

Percentile

85.6%

JSON

Related for CVE-2005-4502