CVE-2004-2563

2005-11-2202:00:00

mitre

www.cve.org

AI Score

5.6

Confidence

High

EPSS

0.01

Percentile

83.7%

JSON

Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.

References

secunia.com/advisories/12122

www.osvdb.org/8182

www.osvdb.org/8183

www.osvdb.org/8185

www.securiteam.com/windowsntfocus/5SP0O0ADGG.html

www.securityfocus.com/bid/10770

exchange.xforce.ibmcloud.com/vulnerabilities/16771

exchange.xforce.ibmcloud.com/vulnerabilities/16777